At 09:48 19/01/2005 +0000, mel list_php wrote:
Ok Neil, I'll try this as well.I thought a readfile would be also forbidden by the htaccess,

No, .htaccess affects public viewing of the web root and child folders. PHP operates on the web server's file system (in as far as your host/ISP permits that) so the two areas are complementary.

Infact, you could store the files entirely outside of the web root if you have access to such space on the machine - using readfile, as long as you have filesystem permission to traverse to the desired directory, then you can read and pass through the file using PHP. Then you'd not need .htaccess at all, it only comes into play when you're file-hiding beneath the web root.

and I agree this would be a good solution.I don't really want to store the picture in the database but the fact is tha I should be able to do it if I want!

No, really really , don't do this. Store the path to the image.
You then load the path into PHP and use

header("Content-type: image/jpeg");

Then .htaccess the *actual directory* you store the images in so it's hidden from browsing.

Only allow authorised people access to their own images, using a standard authentication system, and retrieve the image filenames they're allowed from the DB, append that to your protected directory path, and use readfile() to pass through the file data directly to the browser.

-- PHP Database Mailing List ( To unsubscribe, visit:

Reply via email to