Hi,
I put all my images outside the web root, the prevent direct access, and then access them with a <img>-tag like this:
<img src="fnc_get_image.php?path=<?=$path;?>" />
where fnc_get_image.php is:
// Check if user is logged in require_once 'global_includes.php'; $user =& new User();
// Get path to image for display $path = $_GET['path'];
// Prepend path - prevents misuse $pPath = "/home/username/albums/" . $path;
header("Cache-Control: private"); $extention = substr($path, -3); if ($extention == "jpg") header("Content-type: image/jpeg"); if ($extention == "gif") header("Content-type: image/gif"); if ($extention == "bmp") header("Content-type: image/bmp"); if ($extention == "png") header("Content-type: image/png"); readfile("$pPath");
There is one slight problem though: To my eyes, it looks like the images are downloaded from the server every time. Is this a side effect of this method or is it just a optical illusion? Is there a way to tell for sure if the image is downloaded or displayed from the browser cache?
I've tried with and without a Cache-Control header. It doesn't seem to do any difference at all.
Your eyes are fine. You need to check for If-Modified-Since header, if the time is older than file modification time (filemtime()) send Last-Modified header and the image, else send 304 Not Modified response.
HTH
-- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php