Martin Zvarík napsal(a):
there are two choices (example):

1) file_redirect.php?src=file/root.jpg --- shows an image

2) .htaccess --- if is requested file/root.jpg than redirect to "xyzfile/root.jpg"

In both cases I can restrict the access to some files only.

If we talk about PHP, the file/image.jpg can be directed to xyzfile/image.jpg - and the client won't know.

BUT if we talk about .htaccess - can the client find out where it really points out?

For example file/image.jpg will be directed to xyzfile/image.jpg --- I suppose it sends a response to the browser and tells him the new path which it should request, am I right?

If so, than it's not really secure, since the user will be able to test and try all other filenames and get somewhere I don't want him to go - I know I might be too careful,

BUT I am interested how PROs do this.

Your comments will be appreciated,


AHA, from what I've just read, the .htaccess is server-side, so the client won't know the real directory.

Can somebody confirm?

PHP General Mailing List (
To unsubscribe, visit:

Reply via email to