0

I am hoping someone can help me, I am wanting to load/display a image on a page using php. But I want disable the images folder from been accessed from the web.

so e.g if I go to /image.php/test.jpg I want it to go get that image from the image folder and show it on screen using the image.php file, but I don't want it to be viewable like this http://website.com/images/test.jpg (i dont need help with the link code or anything, just the code needed instead of the html img tag) at the moment I am putting the img tage into a varible then returning it out of the function, but I don't think that will work this will work when I close up the image folder.

I am using iis8, I know how to disable the access using request filtering and setting the folder in url deny, just cant get the images or css file to load when I do that, unless theres a better/easier way to do it using iis so only php could call the files but guests cant using my existing

Many thanks all, Michael.

Improve this question
4

2 Answers 2

Reset to default
1

You could use something like this in your .htaccess file (assuming your images are located in /images):

RewriteEngine On
RewriteBase /images/
RewriteRule ^(.+?\.jpg)$ index.php?p=$1 [L,QSA,NC]

Then create an index.php in your images folder and put the logic in there to serve the image.

<?php
if($_SERVER['HTTP_REFERER'] === "mywebsite.com"){
header("Content-type: image/jpeg");
readfile($_GET['p']);
}

Or if you simply want to disable indexing, Google is full of helpful info.

Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

(.+?\.pdf) shouldn't that be a jpg file?
0

Add a .htaccess file in your images folder (AllowOverride must be set to true) with the following content:

order deny,allow
deny from all

then create your image.php

$img = $_GET['img'];

$file = 'images' . DIRECTORY_SEPARATOR . $img;
header('Content-Type: image/jpeg');

readfile($file);

and your html should look like:

<img src="image.php?img=rick-rolled.jpg">
Improve this answer

9 Comments

To the down-voter: It would be courteous to explain your downvote so that everybody learns something.
I did not downvote and Mark is right. However, I think the downvote was because of $img = $_GET['img']; that should be $img = $_GET['file']; since calling it with image.php?file or $img = $_GET['img']; with image.php?img
if you're not worried about hotlinking and you only want to disable indexing, there is no need to get PHP involved.
@Adelphia You know, I could have easily also downvoted your answer with the error you made, but I didn't. I made a comment about the .pdf. You could have done the same and have said something. There's a lesson here (wink) we're here to help each other, not compete.
Fred, Montanelu, Sorry for the delay in explaining my downvote. It was only because I noticed Fred's comment on my answer and wantedd to fix my own error first. I have removed my downvote.
|

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.