apache control access to some files

hello,

I have some files should be accessed only by the logged in users of a website

I am using php and cookies to make sure only those who have logged in have access to the links to those images. This is a good first step.

Now, I am realizing that those link (such as

1 Reply

Well theres some good new and bad news.

Good news, what you want is possible. Since you're using PHP create a php file which takes a GET variable which is the file name. Move your images out of the web accessible directory. Set your PHP file to check if the user is logged in, if they're not throw whatever message you want, if they are get the PHP file to take the GET variable, open the related file using readfile() which will output it to the browser (remember to use header() to set the correct mime type) also don't forget to secure your GET input you don't want someone being able to read stuff that isn't an image.

Bad news, there's nothing stopping someone logging in, copying the image and emailing it to someone else.

Reply

Please enter an answer
Tips:

You can mention users to notify them: @username

You can use Markdown to format your question. For more examples see the Markdown Cheatsheet.

> I’m a blockquote.

I’m a blockquote.

[I'm a link] (https://www.google.com)

I'm a link

**I am bold** I am bold

*I am italicized* I am italicized

Community Code of Conduct