On 3 February 2010 16:22, Karl DeSaulniers <k...@designdrumm.com> wrote:
> Very nice. I did not think of that.
> But lets say its a whole bunch of images and multiple people may be
> accessing them.
> Is it safe to have them accessing a directory outside the public_html
> On Feb 3, 2010, at 10:14 AM, Richard Quadling wrote:
>> On 3 February 2010 16:07, Karl DeSaulniers <k...@designdrumm.com> wrote:
>>> Thank you all for your numerous responses.
>>> I hear you loud and clear. I was wanting to see if it would be less of a
>>> burden on the server and secure my images better to put the images inside
>>> database, but
>>> as you all have almost uniformly stated, this would not be the best
>>> I currently have all my images referenced by url in my database and
>>> in a folder/s and I think I will keep it that way...
>>> Thanks for your 2 cents,
>>> PHP Database Mailing List (http://www.php.net/)
>>> To unsubscribe, visit: http://www.php.net/unsub.php
>> If you put the images OUTSIDE of the webroot/docroot/public_html
>> folder (whatever you have), then a user cannot directly navigate to
>> the file.
>> http://www.yoursite.com/images/image1.jpg would probably work.
>> But ...
>> Now, there is no way I can load image1.jpg from my browser. I have to
>> use getImage.php, which I assume would require me to login or
>> authenticate myself in some way.
>> Richard Quadling
>> "Standing on the shoulders of some very clever giants!"
>> EE : http://www.experts-exchange.com/M_248814.html
>> EE4Free : http://www.experts-exchange.com/becomeAnExpert.jsp
>> Zend Certified Engineer : http://zend.com/zce.php?c=ZEND002498&r=213474731
>> ZOPA : http://uk.zopa.com/member/RQuadling
> Karl DeSaulniers
> Design Drumm
If the file is outside of the docroot, then they _CANNOT_ access them.
There is no url to the image!
So, a script which examines the session to make sure the request is
valid is normally enough to restrict feeding the images to valid
Multiple simultaneous readers are not a problem.
If you have any writers, then you need to introduce a locking
mechanism or some other protection.
"Standing on the shoulders of some very clever giants!"
EE : http://www.experts-exchange.com/M_248814.html
EE4Free : http://www.experts-exchange.com/becomeAnExpert.jsp
Zend Certified Engineer : http://zend.com/zce.php?c=ZEND002498&r=213474731
ZOPA : http://uk.zopa.com/member/RQuadling
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php