Rachel Anderson-Barrios wrote:
>From the sounds of it, you are required to use a web application to do what you want to do. It doesn't have to be PHP. You can use cgi scripts, ASP, tomcat with java, or ... Make a script or a page which will do two things. First, validate the user, check that they are logged in payed, etc. Second, parses a parameter to allow the image to be displayed on the page. Say, for example, the url is "www.domain.com/show_picture.cgi?id=sunset.jpg" show_picture.cgi will first check that the user exists, if so, will display sunset.jpg (from whatever folder sunset.jpg is in). Now, you do raise a point, a user could view the source and see the exact location of sunset.jpg. Well, there are a few other possibilities. You don't need your pictures to be in a "images" directory, it can be called anything you want. You could put it under "www.domain.com/sept_2007/another_sud_directory/123654123654/here" Once a user has viewed a picture, the server in the background can move it to a new location. For this, you may want to keep a database of where the pictures are located. Another thing you could to is only display your photos through an embedded object. For example, make little flash files out of your pictures. Have the flash program check that you are logged in, etc. Then you wouldn't need to move them around, or do anything else. Sincerely, -Rachel PS. This is my initial impression, there are probably many other ways to do what you want, but you will need the help of a programed application to do so.
---------------- End original message. --------------------- Actually, this is almost right but not quite.If you want the files served securely, they should NOT be located anywhere within the document root tree.
The script itself would retrieve the file from where it lives outside the server root and forward it to the browser. The URL for the image would be a call to the CGI script and not a direct link to the image itself. CGI is not limited to serving HTML, you can serve any file type you want by providing the appropriate content type and disposition headers.
For instance, in one of the applications I am working on, there is an option for a logged-in user with appropriate privileges to access a PDF file. This file is generated on the fly from the database and it never resides as an actual file on the file system. You can do the same thing with images. They can be stored in a database or anywhere on the file system and served solely by the application script.
In short, the application script acts as a proxy to Apache to serve the content. Apache simply invokes the script under the CGI mechanism and then "gets out of the way" while the script does what it is supposed to do.
Unfortunately, this is no longer really a discussion about Apache and is thus drifting off topic. There are many good books and tutorials out there on how to write web applications. Those resources are a better place to turn at this time than this list.
Dragon ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Venimus, Saltavimus, Bibimus (et naribus canium capti sumus) ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx