On Sat, 2003-02-15 at 11:24, Michael Mulligan wrote:
> The script that I will distribute will always make use of a very particular
> directory structure. In "imageDir", there will always be a specifically
> named XML file that points to a bunch of images in the directory. However,
> given security checks that I put in my script, not all of those images
> should be publicly viewable. However, if a savvy user were to just load this
> XML doc up in their web browser, they will have a complete listing of URLs
> to all of my images. I cannot modify this XML file (which is why I want to
> block a user from loading, say, myserver.com/imageDir/picture.jpg).
>
> Will your proposed idea still work in this situation?
Yes--but you need to make the images inaccessible to the outside (simply
put them in a folder that can't be seen from the web).
Here's an example. Suppose you have a script called page.php that needs
an image called img.jpg. Instead of calling img.jpg, you call another
script, serveimage.php as follows:
<img src="serveimage.php?img=img.jpg">
Now, in serveimage.php you do this:
<?php
$img = $_GET['img'];

// First, check that the user is not trying to trick us
// into revealing a file that we shouldn't reveal.
// Note: this is a *very* simplistic approach--you will probably
// want to add your own
// strpos() returns false only when no '/' is present in the name
if (strpos ($img, '/') !== false)
    die('Invalid file name');

// Now, check if the user has permission to this file. You don't
// explain how you do this, so I'll leave this to an external
// function called check_permission ($file) that returns true if the
// user is able to see that file and false otherwise
if (check_permission ($img))
{
    // Tell the browser this is an image
    // Note, you will probably have to change this depending
    // on the file type
    header ('Content-type: image/jpeg');
    readfile ($img);
}
else
    die ("Unauthorized access");
?>
Essentially, what I'm doing is I'm replacing a file with a script that
first checks the permissions and then, if the user is authorized,
outputs the file to the browser. This way, if the user is not authorized
to download a file, it will be blocked. Obviously, the files themselves
should be inaccessible to the web *except* through your scripts.
Hope it's a bit clearer now!
Cheers,
Marco
--
------------
Marco Tabini
President
Marco Tabini & Associates, Inc.
28 Bombay Ave.
Toronto, ON M3H 1B7
Canada
Phone: (416) 630-6202
Fax: (416) 630-5057
Weblog: http://blogs.phparch.com
--
PHP General Mailing List (http://www.php.net/)
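The gatekeeper-script approach from the reply above, as an added example that is not part of the original post: it keeps the images in a directory outside the web root, accepts only a bare file name, confirms the resolved path stays inside that directory, and picks the Content-Type from an allowlist. The `IMAGE_DIR` path and the body of `check_permission()` are assumptions to be replaced with the application's own values.

```php
<?php
// Added example, not from the original post. IMAGE_DIR is an assumed
// location outside the document root; check_permission() is a placeholder.
const IMAGE_DIR = '/srv/private/imageDir';
const CONTENT_TYPES = [
    'jpg' => 'image/jpeg', 'jpeg' => 'image/jpeg',
    'png' => 'image/png',  'gif'  => 'image/gif',
];

// Placeholder for the application's own authorization logic.
function check_permission(string $file): bool
{
    return false; // deny by default until the real check is wired in
}

// Returns [absolute path, content type] for a servable image, else null.
function resolve_image($name, string $baseDir): ?array
{
    // Accept only a bare file name: no separators, no NUL byte.
    if (!is_string($name) || $name === '' || $name !== basename($name)
        || strpos($name, '\\') !== false || strpos($name, "\0") !== false) {
        return null;
    }
    $base = realpath($baseDir);
    $path = realpath($baseDir . '/' . $name);
    // realpath() resolves ".." and symlinks; the result must be a regular
    // file sitting directly inside the image directory.
    if ($base === false || $path === false
        || dirname($path) !== $base || !is_file($path)) {
        return null;
    }
    // Decide the Content-Type from an allowlist keyed on the resolved name.
    $ext = strtolower(pathinfo($path, PATHINFO_EXTENSION));
    return array_key_exists($ext, CONTENT_TYPES) ? [$path, CONTENT_TYPES[$ext]] : null;
}

$found = resolve_image($_GET['img'] ?? null, IMAGE_DIR);
if ($found === null) {
    http_response_code(404);
    exit('Invalid file name');
}
[$path, $type] = $found;
if (!check_permission(basename($path))) {
    http_response_code(403);
    exit('Unauthorized access');
}
header('Content-Type: ' . $type);
header('X-Content-Type-Options: nosniff');
header('Content-Length: ' . filesize($path));
readfile($path);
```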