eric,
ive seen this technique mentioned once or twice on the list now; do you know
of an article online
you could share that explains it?
-nathan
On 7/26/07, Eric Butera <eric.butera@xxxxxxxxx> wrote:
On 7/26/07, elk dolk <elkdolk@xxxxxxxxx> wrote:
> Hi all,
>
> I want to hide the real URL to my images by masking it with PHP
> the code looks like this:
>
> $query = "SELECT * FROM table";
> $result=mysql_query($query);
>
> while ($row = mysql_fetch_array($result))
> {
> echo "<img src='http://www.mysite.com/img/{$FileName}'/>";
> }
>
> if you look at the source in browser you will see:
>
> <img src='http://www.mysite.com/img/111.jpg' />
>
> how can I show it like this:
>
> <img src='show.php?FileName=111.jpg' />
>
>
>
> ---------------------------------
> Luggage? GPS? Comic books?
> Check out fitting gifts for grads at Yahoo! Search.
If you use $_SERVER['REQUEST_URI'] you can do all sorts of interesting
things.
Say for instance you create a directory at the root of your site
called /images and put an index.php in there. Then inside of that
index.php you can parse the REQUEST_URI against some settings you'd
like and create your own sort of mod_rewrite rules out of it.
Here is an example:
<?php
var_dump($_SERVER['REQUEST_URI']);
$matches = array();
$result = preg_match('/([0-9]+).jpg$/D', $_SERVER['REQUEST_URI'],
$matches);
if ($result == true) {
echo 'Requested image: '. $matches[1];
}
?>
You can translate that 1111 to your image via a database call such as
SELECT imagename FROM hiddenimages WHERE id = 1111 or whatever you
want. People can still directly link to your images using this
technique.
Given that, you might also reconsider why you are hiding your image
filenames. Are you trying to protect them from unauthorized viewing?
If that is the case you can use the real filenames, but pass them
through a script that checks for a session set to you know that only
authenticated users can see them.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
