Umm have you ever thought about watermark-ing it? (In case its not a part of your website or something..) On 01/07/2008, Stefano Esposito <ragnarok@xxxxxxxx> wrote: > > On Sun, 15 Jun 2008 13:48:28 +0200 > > Stefano Esposito <ragnarok@xxxxxxxx> wrote: > > > > Hi all, > > > > i have to forbid users of my site to view images directly (i.e. > > writing the image URL in the address bar) but they'd be able viewing > > them from the pages of the site. What's the best way of doing it, or > > something similar? Is there a common strategy using PHP? Thank you for > > any hint :-) > > > > Ciao, > > Stefano > > > Thanks for all of your hints :) > Here's my solution: > > 1) disable contextmenu on the images to protect using javascript (just > to discourage less determined people) > > 2) for other purposes, the page containing images to protect, is > brought to users through an ajax request, so they can't so-easily > look at the source (not with browser's normal 'view source' > anyway... they would need something like firebug). > > 3) use a script to get image data (as someone on the list suggested), > checking for the right $_SERVER['HTTP_REFERER'] (i know... it's not so > trustworthy... if anyone has a better idea, i'll be glad to listen > to :)) > > 4) encrypt the relative path of the image on the fly, using mcrypt with > a key generated on the login and then pass it encoded whit > base64_encode (with a little workaround for '+', '/' and '=' chars) to > the image-reading script. So, even if someone can get to the source, > they'll end up whit an encrypted id of which they don't know neither > the key nor the encryption method nor even what it's supposed to > represent (if some database id or a path). > > I think that's a good way to prevent image theft... well, unless the > thief uses the print screen key... > > What's your point of view? > > > Ciao, > Stefano > > > -- > Email.it, the professional e-mail, gratis per te: http://www.email.it/f > > Sponsor: > > Caschi, abbigliamento e accessori per la moto a prezzi convenienti, solo su > Motostorm.it > Clicca qui: http://adv.email.it/cgi-bin/foclick.cgi?mid=7850&d=1-7 > > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > >