Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 354
  • Last Modified:

Managing access to graphics using .htaccess and mod_rewrite

I have a directory of graphics that I now want to manage access to.

In the past, I have linked to the graphics like this:
http://www.mysite.com/images/thesegraphics/19002/image.jpg

Each graphic is called "image.jpg" and resides in a directory named by the graphic ID, in the example above 19002

Now, if the user of 19002 set permissions to "not public" it still serves it up.  

So what I want is a quick PHP script that when someone links to the graphic like above, it is actually being served by:

http://www.mysite.com/scripts/getimg.php?id=19002

Which will then check the permissions for that graphic and either serve it back or serve back a default "private" graphic.

I think I should be able to do this with mod_rewrite but despite googling and reading and tinkering for a few hours I can't get it to work.  Hoping someone here can give me a quick example.  Here was my latest attempt:

Options +FollowSymlinks
RewriteEngine on
RewriteRule ^thesegraphics/([0-9]+)/image.jpg http://www.mysite.com/scripts/getimg.php?id=$1 [NC]

Open in new window

0
trippy1976
Asked:
trippy1976
  • 2
  • 2
1 Solution
 
si_shamilCommented:
Try:
Options +FollowSymlinks
RewriteEngine on
RewriteRule ^images/thesegraphics/([0-9]+)/image.jpg http://www.mysite.com/scripts/getimg.php?id=$1 [L,QSA]

Open in new window

0
 
trippy1976Author Commented:
Thank you!

Is there any way to do it so that people don't realize (i.e. the URL stays the same)

http://www.mysite.com/images/thesegraphics/19002/image.jpg

would still show up in my browser.
0
 
si_shamilCommented:
yes it's possible, with the above .htaccess file.

create file in script and call it getimg.php, then paste following code:
<?php
$file = realpath("images/thesegraphics/{$_GET['id']}/image.jpg");

if (file_exists($file)) {
    header('Content-Description: File Transfer');
    header('Content-Type: application/octet-stream');
    header('Content-Disposition: attachment; filename='.basename($file));
    header('Content-Transfer-Encoding: binary');
    header('Expires: 0');
    header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
    header('Pragma: public');
    header('Content-Length: ' . filesize($file));
    ob_clean();
    flush();
    readfile($file);
    exit;
}

Open in new window


should work. read here for more info
0
 
Steve BinkCommented:
>>> (i.e. the URL stays the same)

If you remove the protocol and host from the destination, you ake it a rewrite, instead of a redirect:

RewriteRule ^images/thesegraphics/([0-9]+)/image.jpg /scripts/getimg.php?id=$1 [L,QSA]

Open in new window

0
 
trippy1976Author Commented:
routinet:  Thank you for the information.  I actually discovered this on accident.  It also makes the re-write compatible accross domains which is important for me (I do testing on test. and prod is www. so not having a hard coded domain name makes the .htaccess file portable)
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now