[phplib] Re: protecting folders with phplib From: Matthew Leingang (leingang <email protected>)
Date: 11/15/00

Well, here's something that I haven't really thought through, but might
work:

Keep your images outside of the web directory tree. Write a single script
(say image.php) that authenticates before getting and serving the image
data. But you might have to extend the auth class to make it work for
images. Instead of printing a login form when no auth is present, just
output some generic image, depending on whether text or image is expected.

Then in your html, instead of

<img src="secret-image.jpg">

do

<img src="image.php/path/to/image/secret-image.jpg">

When the client's browser sends the GET request for the image, it should
send all cookies, so authentication information stored in a session will
be available to image.php.

Sorry I can't provide real code examples but hopefully you get the idea.

--Matt

----------------------------------------------------------------
Matthew Leingang http://www.math.rutgers.edu/
Rutgers University leingang <email protected>
Department of Mathematics "This signature needs no quote."

On Tue, 14 Nov 2000, Daniel Bondurant wrote:

> is there anyway to protect an entire folder with phplib?
> I have a bunch of binary files that I want to limit access to.
>
> They are (mostly) thumbnails of images, and the orginal images, and I will
> be displaying 30 at a time.
> I could use fread to pull the thumbnails out of a protected directory, but
> that would be 30 authentications (plus the page itself) for each page. Is
> there any way to give authenticate the entire folder, and all it's contents
> with phplib without excessive authenticating?
>
>
>
> --ahpdhpigcdjdgodadlkh--
>

---------------------------------------------------------------------
To unsubscribe, e-mail: phplib-unsubscribe <email protected>
For additional commands, e-mail: phplib-help <email protected>