I still am trying to get my script that can display a jpg photo to work. It almost works but I have some trouble with the last details.


My idea is that the script is called www.domain.com/photo.php?n=photo.jpg

Which would display the photo.

So far I have been able to accomplish that so if I include that url inside an IMG tag in phpbb the photo is displayed and if I open a new window and enter that url IE also displays the photo properly.

However that version of the script does not include a header command which it should. As soon as I add the header it only works partially. It still works when imbedded in an IMG tag but if the url is opened directly in the browser the Save as dialog appears. The file can be saved and viewed.

In the following link I have used both script to illustrate this, the only difference is the header command

The first photo is displayed with the script that does not include the header, the second photo is displayed with the script that include following header

<?php
header("Content-type: application/jpg");

http://phpbb.klein-jensen.dk/viewtopic.php?p=77#77


Can anybody tell me what could be wrong?

Alternatively let me know if anyone know of an existing script that does this and also offer following options which is the reason why I am writing it:

- must check referrer domain against list of domains that are allowed to direct link
- must display specific image if photo does not exist
- must display specific image if illegal directlinking
- must store stats in mysql

Try

header('Content-Type: image/jpeg');
header('Content-Disposition: inline; filename=file.jpg);

That seems to work - lets see if it also works when imbedded here.

Please try clicking on the photo.

http://photo.klein-jensen.dk/photo.php?n=HarrisHawk1.jpg

<?php
header("Content-type: application/jpg");

http://phpbb.klein-jensen.dk/viewtopic.php?p=77#77


Can anybody tell me what could be wrong?

Alternatively let me know if anyone know of an existing script that does this and also offer following options which is the reason why I am writing it:

- must check referrer domain against list of domains that are allowed to direct link
- must display specific image if photo does not exist
- must display specific image if illegal directlinking
- must store stats in mysql

Correct me if I am wrong but that will just display an image right? Why wouldn't you want to display a very simple webpage that contains your name and the image?

The functionality that you want wouldn't be hard to do, even if you have to learn as you go. Just had a db with hosts that are allowed to link and run a select on everytime the image is accessed. For the stats you will want to do an insert for each access, the problem is deciding what you want to track and setting up the db accordingly.

That seems to work - lets see if it also works when imbedded here.

Please try clicking on the photo.



It works like a charm.

Correct me if I am wrong but that will just display an image right? Why wouldn't you want to display a very simple webpage that contains your name and the image?


Because I want to be able to imbed the photo in these forums and I could not do that if I displayed a html page.

Once I am sure it works perfectly I may extend it to write some text info into the actual jpeg that is displayed.

Because I want to be able to imbed the photo in these forums and I could not do that if I displayed a html page.

Once I am sure it works perfectly I may extend it to write some text info into the actual jpeg that is displayed.

Duh! [Smacks head with a large trout]

One thing that I did notice Tommy, for me it doesn't cache the image.

Tommy, I'm a little confused here. You are going out of your way to make sure other people can not directlink to your images. However, you are not taking steps to prevent others from downloading your image. So, if they can't direct link to your image and they really want to use your image, couldn't they just download it and use it that way?

Tommy, I'm a little confused here. You are going out of your way to make sure other people can not directlink to your images. However, you are not taking steps to prevent others from downloading your image. So, if they can't direct link to your image and they really want to use your image, couldn't they just download it and use it that way?

True but since I have come to the conclusion that the only thing that will prevent people from stealing the photos would be not to display them so I just want to make sure that I myself decides how my bandwitdh is used. The script is to prevent directlinking.

I am not going to do anything that prevents download the image but I will start putting a watermark on my photos. All this started because 2 different users started to directlinking. Although in both instances it was with best intentions neither of them asked for permission.

Is anybody seeing an illegal directlinking image instead of a photo of a Harris Hawk?

Is anybody seeing an illegal directlinking image instead of a photo of a Harris Hawk?

I get the hawk.

I get the illegal link thingy

I get the illegal link thingy

How about now?

How about now?

I get the hawk both on the forum and when I click on the link.

I got the hawk now. Nice shot BTW.

Tommy, I'm going to try doing a direct link to your hawk from my web site and will let you know what I get.

Tommy, I'm going to try doing a direct link to your hawk from my web site and will let you know what I get.

Thanks.

I got the hawk now. Nice shot BTW.

Excellent, thanks :D

Tommy, here's a link to the test html I created a direct link to your image:

<<link removed>>

I have a direct link to your image directory which I can get to without any problem. However, this shouldn't be a problem if nobody knows what directory your images are kept in.

The other link is a direct link to your php script which in turn is supposed to display the image if the originating URL is legit. In this case, I get an red X or an equivalent the 4 browsers I tested on (IE, Firefox, Safari and Netscape). I didn't get any messages though.

Oops. It does work and I get the message now. I miss-type the URL the first time :oops:

Thanks for testing Leo.

As for linking directly into my image directory /external did You think I hadn't thought of that :lol: When I am convinced the script is working that folder will be cleared of the images I want to "protect" and the script reads the images from a folder that is not directly available via any url except thorugh the script :wink:

I just deleted the image from the public folder, try refreshing Your page :wink:

Thanks for testing Leo.

As for linking directly into my image directory /external did You think I hadn't thought of that :lol: When I am convinced the script is working that folder will be cleared of the images I want to "protect" and the script reads the images from a folder that is not directly available via any url except thorugh the script :wink:

I just deleted the image from the public folder, try refreshing Your page :wink:

:D :D :D

Leo thank You for helping with the testing. I have restored the file since I use it elsewhere so if You within a day or 2 could delete the test page I would appreciate that.

Tommy, it's gone.

Thanks Leo.

A followup on this.

Does anyone know if it is possible detect if the script was called within a page or if it was called directly in a new browser window?

If that is possible to detect then I would like to imbed the photo in a little html page to center the photo and include a link.

"Directly in a new browser window" - defined as someone typing the url in the URL field of a broswer... Versus "called within a page" means someone clicked on a link....

Check the Referrer field - note that you have to enable this in Apache if you don't have it already. If I click on a link - or it's embedded in a page - then the Referrer field will contain that page. If you enter the URL manually into the browser then the referrer field will be blank - actually I think it's "-"

I went to "http://www.itsanadventure.com/postimages/" which shows all my images, and then clicked on a Butterfly pic.


From the Apache log, 3rd line is Referrer:
66.37.203.189 - - [30/Aug/2004:11:33:43 -0400]
"GET /postimages/Butterfly_7828.jpg HTTP/1.1" 304 - "http://www.itsanadventure.com/postimages/"
"Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.5) Gecko/20031007"


I then copied the Butterfly's url, fired up IE to get away from Mozilla's cache, and pasted the URL into IE and hit enter. Note that 3rd line, referrer, is now "-"

66.37.203.189 - - [30/Aug/2004:11:35:02 -0400]
"GET /postimages/Butterfly_7828.jpg HTTP/1.1"
200 71900
"-"
"Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0; .NET CLR 1.1.4322)"


From Apache's httpd.conf. Make sure that "%{Referer}" is configured for the log type "combined" and then set your logging method to "combined" -

LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
CustomLog logs/access_log combined


Actually I think you already do this anyway.

I already check the referrer, but You said something. I haven't looked in the log and compared the 2 approaches. I'll do that. But basically what I want is this.

Call the script as shown in previous post so the photo is imbedded nicely here in the forum. When the user click on the image the same script is called (due to Pekka's resize script it is not possible for me to set a different url).

Right now that result in a new browser window with the jpg displayed directly. But I would like it to be displayed like following like will do

http://photo.klein-jensen.dk/photohtml.php?n=HarrisHawk1.jpg

On my system when I tried that it simply displayed the image from the browser's cache. My web server never got a request when I clicked on the image.

I wonder if it's possible to include a directive to tell the browser not to cache the image? Or possibly setting the Expire for 1 second? That should cause another query, which might have a referrer set differently...

I checked my log and the problem is that when clicking on the link as opposed to copy/paste the referrer is the same as when just imbedding so I can't use the referrer to determine this action. :(

Ohh well I have to think more about this, in the meantime I have changed the script so it can display exif information in the bottom of the photo frame.