On Tuesday 01 July 2008 13:34:28 Nitsan Bin-Nun wrote: > Umm have you ever thought about watermark-ing it? (In case its not a part > of your website or something..) heh, this dude got way to much time on his hands... ;D > > On 01/07/2008, Stefano Esposito <ragnarok@xxxxxxxx> wrote: > > On Sun, 15 Jun 2008 13:48:28 +0200 > > > > Stefano Esposito <ragnarok@xxxxxxxx> wrote: > > > Hi all, > > > > > > i have to forbid users of my site to view images directly (i.e. > > > writing the image URL in the address bar) but they'd be able viewing > > > them from the pages of the site. What's the best way of doing it, or > > > something similar? Is there a common strategy using PHP? Thank you for > > > any hint :-) > > > > > > Ciao, > > > Stefano > > > > Thanks for all of your hints :) > > Here's my solution: > > > > 1) disable contextmenu on the images to protect using javascript (just > > to discourage less determined people) > > > > 2) for other purposes, the page containing images to protect, is > > brought to users through an ajax request, so they can't so-easily > > look at the source (not with browser's normal 'view source' > > anyway... they would need something like firebug). > > > > 3) use a script to get image data (as someone on the list suggested), > > checking for the right $_SERVER['HTTP_REFERER'] (i know... it's not so > > trustworthy... if anyone has a better idea, i'll be glad to listen > > to :)) > > > > 4) encrypt the relative path of the image on the fly, using mcrypt with > > a key generated on the login and then pass it encoded whit > > base64_encode (with a little workaround for '+', '/' and '=' chars) to > > the image-reading script. So, even if someone can get to the source, > > they'll end up whit an encrypted id of which they don't know neither > > the key nor the encryption method nor even what it's supposed to > > represent (if some database id or a path). > > > > I think that's a good way to prevent image theft... well, unless the > > thief uses the print screen key... > > > > What's your point of view? > > > > > > Ciao, > > Stefano > > > > > > -- > > Email.it, the professional e-mail, gratis per te: http://www.email.it/f > > > > Sponsor: > > > > Caschi, abbigliamento e accessori per la moto a prezzi convenienti, solo > > su Motostorm.it > > Clicca qui: http://adv.email.it/cgi-bin/foclick.cgi?mid=7850&d=1-7 > > > > > > -- > > PHP General Mailing List (http://www.php.net/) > > To unsubscribe, visit: http://www.php.net/unsub.php -- --- Børge Holen http://www.arivene.net -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
