RE: This, then that. [solved?]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



> Hi gang:
> 
> I think I found a solution.
> 
> Here's the url:
> 
> http://www.webbytedd.com/bbb/image-test1/
> 
> The point is that the image is only accessible via this script, is 
> this correct?

I can access it without a script:
http://www.webbytedd.com/bbb/image-test1/images/a.jpg

It may be difficult to guess a.jpg even if I can guess /images
but in the img tag, try src="display_image.php?id=anId"
and in display_image.php, test if the user is authorized before displaying the image.
Then a direct call to display_image.php?id=anId would still have a chance to authenticate the user.
_________________________________________________________________
Peek-a-boo FREE Tricks & Treats for You!
http://www.reallivemoms.com?ocid=TXT_TAGHM&loc=us

[Index of Archives]     [PHP Home]     [Apache Users]     [PHP on Windows]     [Kernel Newbies]     [PHP Install]     [PHP Classes]     [Pear]     [Postgresql]     [Postgresql PHP]     [PHP on Windows]     [PHP Database Programming]     [PHP SOAP]

  Powered by Linux