If your site is hosted over https then whatever a user POSTs to your site will be encrypted. This would require that you buy a cert for your site. Or you could generate one yourself using openssl, but visitors to the securely hosted pages would get warnings in their browser about the certificate not being validated. In either case, the data would be encrypted in transit from browser to server.
The trick to preventing users from going directly to a particular file that has been uploaded is to feed it to users through a php page that
1) checks the session to make sure a user has permission
2) acts as a proxy to deliver the file using something like [man]readfile[/man]
The files would ideally be stored outside of the web root so there's absolutely no way for users to get at the file by typing in some url. It has to be fed to them through PHP or cgi or something.
That php file might look something like this:
define('SECRET_IMAGE_LOCATION', '/var/www/secretImageFolder'); // ideally this is outside your web root so it's not available through apache
// basename() strips any directory part so the name cannot point outside the folder
$imageName = basename($_GET["imageName"] ?? '');
if (empty($imageName)) {
    die('empty image name'); // given that people don't directly visit this page (it's displayed in an <IMG> tag) you might want to output an error image instead
}
$imagePath = SECRET_IMAGE_LOCATION . '/' . $imageName;
if (!file_exists($imagePath)) {
    die('file does not exist'); // see prev comment
}
if (notPermitted()) { // notPermitted() stands for your own session/permission check
    die('you are not allowed!'); // error image here?
}
$output = imagecreatefromjpeg($imagePath);
imagejpeg($output, null, 100); // null as the second argument sends the image to the browser
imagedestroy($output);
Something to keep in mind is that if apache is going to read and write the file, then it's going to have all the permissions needed to read and write the file. 777 or 770 or whatever is kind of irrelevant.
Also, you might want to send a header indicating a mime type or something.
EDIT: fixed some syntax errors involving quotes and changed the comment
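
The proxy approach from the post above, as an added example that is not part of the original post: it serves any stored upload through readfile, confines the requested name to the storage directory, and sends a MIME type detected from the file contents. The upload directory, the `file` parameter, the `user_id` session key and the allowed-type list are assumptions.

```php
<?php
// Added example; directory, parameter name, session key and type list are assumptions.
const UPLOAD_DIR = '/srv/private_uploads'; // assumed location outside the web root
const ALLOWED_TYPES = ['image/jpeg', 'image/png', 'image/gif', 'application/pdf'];

// Map a user-supplied name to a real file inside $baseDir, or null if there is none.
function resolveUpload(string $baseDir, string $name): ?string
{
    $base = realpath($baseDir);
    if ($base === false || $name === '') {
        return null;
    }
    // basename() drops any directory part, so "../../etc/passwd" becomes "passwd"
    $path = realpath($base . DIRECTORY_SEPARATOR . basename($name));
    if ($path === false || !is_file($path)) {
        return null;
    }
    // realpath() resolved symlinks; the result must still sit under $base
    $prefix = $base . DIRECTORY_SEPARATOR;
    return strncmp($path, $prefix, strlen($prefix)) === 0 ? $path : null;
}

function fail(int $status): void
{
    http_response_code($status);
    exit;
}

session_start();
if (empty($_SESSION['user_id'])) { // hypothetical key set at login
    fail(403);
}

$path = resolveUpload(UPLOAD_DIR, (string) ($_GET['file'] ?? ''));
if ($path === null) {
    fail(404);
}

// Detect the type from the file contents, not from the uploader's file name
$type = (new finfo(FILEINFO_MIME_TYPE))->file($path);
if (!in_array($type, ALLOWED_TYPES, true)) {
    fail(415);
}

header('Content-Type: ' . $type);
header('Content-Length: ' . filesize($path));
header('X-Content-Type-Options: nosniff'); // keep browsers from guessing another type
readfile($path);
```

The session test here only checks that someone is logged in; a per-file ownership lookup would go in the same place.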