standard place to store user's jpgs so others can't see them?

Posted on 2006-04-05
Last Modified: 2012-05-11
Excuse the noob. There's probably a pretty standard way to do this, I just don't know it! Here's the situation:

Users get to upload and view some jpgs.  But how can I keep user1 from seeing user2's photos, and vice versa? This is assuming user1 wants to snoop around, and has some skills.  (I know the basic stuff like turning off indexes.)

Do you put all jpgs in one directory, then configure the dir somehow ... do you create a different directory for each user and then configure them somehow.... ?

Please be explicit as possible in your answer. Thanks very much.

Question by:boise2004

    Author Comment

    LVL 27

    Expert Comment

    > Users get to upload and view some jpgs.

    And how do they upload the images? Via ftp? If yes, you should configure your ftp daemon that the ftp startfolder for user1 is a different one than user2. But if they don't upload via ftp (which means that they can't see the content of that folder), how should user1 guess (with disabled directory listing), that there's an other image named asd6639455rf.jpg in that folder?

    Author Comment

    thanks caterham.
    no ftp, just standard html file button upload.
    I guess I am being overcautious!
    LVL 27

    Accepted Solution

    So the only way would be that someone guesses the URL/filename. You can prevent that if you generate a unique filename. And use a robots.txt to exclude all bots from that folder (so that no image spider spiders the images, e.g. google images).

    Featured Post

    Looking for New Ways to Advertise?

    Engage with tech pros in our community with native advertising, as a Vendor Expert, and more.

    Join & Write a Comment

    Suggested Solutions

    If you are running a LAMP infrastructure, this little code snippet is very helpful if you are serving lots of HTML, JavaScript and CSS-related information. The mod_deflate module, which is part of the Apache 2.2 application, provides the DEFLATE…
    Hi, in this article I'm going to teach you how to run your own site, and how to let people in (without IP). I'll talk about and explain each step... :) By the way, everything in this Tutorial is completely free and legal. This article is for …
    Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
    Access reports are powerful and flexible. Learn how to create a query and then a grouped report using the wizard. Modify the report design after the wizard is done to make it look better. There will be another video to explain how to put the final p…

    728 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    19 Experts available now in Live!

    Get 1:1 Help Now