RE: This, then that. [solved?]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



> >>  I think I found a solution.
> >>
> >>  Here's the url:
> >>
> >>  http://www.webbytedd.com/bbb/image-test1/
> >>
> >>  The point is that the image is only accessible via this script, is
> >>  this correct?
> >
> >I can access it without a script:
> >http://www.webbytedd.com/bbb/image-test1/images/a.jpg
> 
> I think what you were seeing was a cached image.

Yes, it seems I was accessing a cached image.

If I am allowed to see this picture, but not another, you may still have a security issue.
If I am allowed to see this picture, and thereby am also allowed to see any other, then you probably don't need to secure it more.

I just don't like the actual image filename in the HTML view source.  I prefer to hand off an id to a display_image.php script which checks credentials for the specific picture.

_________________________________________________________________
Peek-a-boo FREE Tricks & Treats for You!
http://www.reallivemoms.com?ocid=TXT_TAGHM&loc=us

[Index of Archives]     [PHP Home]     [Apache Users]     [PHP on Windows]     [Kernel Newbies]     [PHP Install]     [PHP Classes]     [Pear]     [Postgresql]     [Postgresql PHP]     [PHP on Windows]     [PHP Database Programming]     [PHP SOAP]

  Powered by Linux