Solved

Managing access to graphics using .htaccess and mod_rewrite

Posted on 2011-09-04
5
345 Views
Last Modified: 2012-05-12
I have a directory of graphics that I now want to manage access to.

In the past, I have linked to the graphics like this:
http://www.mysite.com/images/thesegraphics/19002/image.jpg

Each graphic is called "image.jpg" and resides in a directory named by the graphic ID, in the example above 19002

Now, if the user of 19002 set permissions to "not public" it still serves it up.  

So what I want is a quick PHP script that when someone links to the graphic like above, it is actually being served by:

http://www.mysite.com/scripts/getimg.php?id=19002

Which will then check the permissions for that graphic and either serve it back or serve back a default "private" graphic.

I think I should be able to do this with mod_rewrite but despite googling and reading and tinkering for a few hours I can't get it to work.  Hoping someone here can give me a quick example.  Here was my latest attempt:

Options +FollowSymlinks
RewriteEngine on
RewriteRule ^thesegraphics/([0-9]+)/image.jpg http://www.mysite.com/scripts/getimg.php?id=$1 [NC]

Open in new window

0
Comment
Question by:trippy1976
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
5 Comments
 
LVL 5

Accepted Solution

by:
si_shamil earned 500 total points
ID: 36484456
Try:
Options +FollowSymlinks
RewriteEngine on
RewriteRule ^images/thesegraphics/([0-9]+)/image.jpg http://www.mysite.com/scripts/getimg.php?id=$1 [L,QSA]

Open in new window

0
 
LVL 4

Author Comment

by:trippy1976
ID: 36485342
Thank you!

Is there any way to do it so that people don't realize (i.e. the URL stays the same)

http://www.mysite.com/images/thesegraphics/19002/image.jpg

would still show up in my browser.
0
 
LVL 5

Expert Comment

by:si_shamil
ID: 36485468
yes it's possible, with the above .htaccess file.

create file in script and call it getimg.php, then paste following code:
<?php
$file = realpath("images/thesegraphics/{$_GET['id']}/image.jpg");

if (file_exists($file)) {
    header('Content-Description: File Transfer');
    header('Content-Type: application/octet-stream');
    header('Content-Disposition: attachment; filename='.basename($file));
    header('Content-Transfer-Encoding: binary');
    header('Expires: 0');
    header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
    header('Pragma: public');
    header('Content-Length: ' . filesize($file));
    ob_clean();
    flush();
    readfile($file);
    exit;
}

Open in new window


should work. read here for more info
0
 
LVL 50

Expert Comment

by:Steve Bink
ID: 36486761
>>> (i.e. the URL stays the same)

If you remove the protocol and host from the destination, you ake it a rewrite, instead of a redirect:

RewriteRule ^images/thesegraphics/([0-9]+)/image.jpg /scripts/getimg.php?id=$1 [L,QSA]

Open in new window

0
 
LVL 4

Author Comment

by:trippy1976
ID: 36488281
routinet:  Thank you for the information.  I actually discovered this on accident.  It also makes the re-write compatible accross domains which is important for me (I do testing on test. and prod is www. so not having a hard coded domain name makes the .htaccess file portable)
0

Featured Post

On Demand Webinar - Networking for the Cloud Era

This webinar discusses:
-Common barriers companies experience when moving to the cloud
-How SD-WAN changes the way we look at networks
-Best practices customers should employ moving forward with cloud migration
-What happens behind the scenes of SteelConnect’s one-click button

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Color can increase conversions, create feelings of warmth or even incite people to get behind a cause. If you want your website to really impact site visitors, then it is vital to consider the impact color has on them.
There’s a good reason for why it’s called a homepage – it closely resembles that of a physical house and the only real difference is that it’s online. Your website’s homepage is where people come to visit you. It’s the family room of your website wh…
The viewer will learn how to count occurrences of each item in an array.
The viewer will get a basic understanding of what section 508 compliance can entail, learn about skip navigation links, alt text, transcripts, and font size controls.

710 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question