Re: [phplib] protecting served files/images/mp3.... From: Arno A. Karner (karner <email protected>)
Date: 05/22/01

use the rewrite and path stuff is interesting and will prob end up using
it some time, but doesnt adrees the permissions problem unless i try an
impose some kind of directiory permission scheam on imagenary
directories.

still allows people to hack at will to see what files they can access,
generating random file names is not my idea of fun.

dam is getting the inline object to work that hard????? that unsupported
by browsers??? hasn't anyone made this work for any file type????

using file extensions for file typeing sounds like a shitty bill plan, i
prefer file command and a magic data file.

Eric Ries wrote:
>
> On Tue, 22 May 2001, Arno A. Karner wrote:
>
> > > I'm doing essentially the same thing with gifs stored in a database, and it
> > > works like a charm, and the html is simple:
> > >
> > > <img src="foo.php">
> > >
>
> I once did something similar. I found it best to do something like:
>
> foo.php/filename.gif
>
> that way, the browser can glean information about they file type by
> inspectinge the file extension (the browser doesn't know a script is
> involved) and you can inspect the PATH_INFO variable in PHP to know which
> file is expected.
>
> Eric 

-- 
My opinions are my own and not that of my employer even if I am self
employed
Tech Net, Inc.            --FREE THE MACHINES--                 
651.224.2223
627 Palace Ave. #2           karner <email protected>              
karner <email protected>
St. Paul, MN 55102-3517        www.tnss.com         
wanted    : adsl/cable modem with static ip at reasonable price
accept-txt: us-ascii,html,pdf
accept-dat: ascii-delimited,sql insert statments

---------------------------------------------------------------------
To unsubscribe, e-mail: phplib-unsubscribe <email protected>
For additional commands, e-mail: phplib-help <email protected>