Converting a physical path to a virtual path.

furious5

Having a bit of a blank moment, can anyone help me out.

Basically I have a folder outside the root of my site and need to display some images contained within this.

I have done it this way, to stop people hotlinking to images.

My problem is, is there a function in PHP that will convert a physical path to a virtual path???

furious5

I was just wondering whether anyone has come across anything that would allow me to convert a physical path to a virtual path?

laserlight

I havent tried this method myself, but I dont think it is a feasible method to stop hotlinking.

I dont see how the user agent can retrieve the image if it is stored outside the document root.

furious5

The thing is each of the files would be called dynamically.

If the image is stored outside of the public_html folder, it would be difficult for the person to simply read the source and call it after deciphering the virtual path.

However if the image was a directory below the root, how could a user physically call this from the browser - thats my argument anyway.

I've done something similar with Access and ASP to prevent people downloading the database directly from the public_html folder - and guess it must be just as feasible with PHP as all I am doing is using the directory structure to control access.

All the function I am creating will do, is call the image from the other folder and display it - which to my mind is simply resolving a physical path to a virtual path. Surely if the image is contained on the server it doesn't matter whether it is in that directory or another.

Any ideas??

Weedpacket

Idea: in an earlier page (e.g., the page that has the link you want the user to use), set a session variable. Then, in the script that pulls the image, check that the session variable is set.

furious5

Could do - someone else has suggested using either link() or symlink(). Have any of you guys used these functions??

Basically all I am trying to do is add a low level of security to the images contained within the directory. As said in the hotlinking thread if anyone wants the images that badly they will get them.

By using the directory structure to do this, I thought I could easily do this. My only problem is displaying the images once contained outside the site. Arggh I hate it when a plan fails!

laserlight

Ah. I thought you were trying to directly use the image.

I presume that you're generating a dynamic name on each page load?

Never tried symlink(), but it might be possible to link to the image, then unlink after processing is complete.

furious5

It doesn't matter whether the images are displayed directly or indirectly as long as they are displayed.

crimaniak

page with image store variable to session

$_SESSION['pageDisplayed']=true;

show picture using page

if($_SESSION['pageDisplayed']===true)
{
header("Content-type: image/jpeg');
readfile('path_to_images_out_of_root/myimage.jpg');
}

furious5

crimaniak - that looks like it will do the trick.

Will give it a shot now.