HMetal
25th of April 2005 (Mon), 03:16
Pekka,
If I make a new exhibition, and make it a password protected exhibition, everything works fine from a PHP standpoint.
HOWEVER, discrete images are not protected from prying eyes. If someone happens to guess the filename of an image in the "photos" directory, they can view the image itself regardless of entering an exhibition's password by bypassing EE and viewing the image in their browser.
e.g. instead of using the actual EE page at, for example:
http://mysite/photo.php?photo=8&exhibition=1&pass=my123&size=default&lang=eng
if the user uses the URL for the image itself - the image for photo with SQL ID #8, above, they can view your "private" photos with ease.
e.g.
http://www.mysite.dom/photos/myphoto1.jpg
There is currently no way to secure the photos directory and its child directories without affecting normal EE operation.
Thus, I propose the following to fix EE and make ALL photos truly secure:
1. EE should be modified so that never, in any way, is a photo directly linked to in its storage directory. (see #2)
2. Use a sender script in all img tags, e.g. <img src="http://www.yoursite.com/image.php?photo_id=8">
3. The sender script (image.php in the above example) should check that the user who requested image X (where X, for my examples here, is 8) has access to it (e.g. is the image in a private exhibition? If so, has the user entered the password to view it?). This could lead to even more security and privacy options for exhibitions and EE in general as,
4. We can then make our "photos" directory completely inaccessible by using an .htaccess file containing "deny from all". The only thing that would be accessing our photos is the sender script, image.php and only after it has made sure the user has supplied the proper access password (or whatever future access controls EE has implemented). No user can "browse" our images PERIOD. No blank index.html files, no "Options none" in .htaccess to prevent directory listings (where a user can still access a file if they know the filename, etc.).
"deny from all" in .htaccess completely locks out users from viewing the contents of the directory through the webserver but PHP can still access and send the file from that directory, after checking internal EE access rights. You simply send the proper HTTP headers and dump the image file contents to the browser. It's a simple thing to do in PHP.
This would completely secure photos/exhibition access (e.g. some people may have nudes they don't want family to see, but are okay with others viewing them..)
As a website developer with much PHP experience, I have done this kind of thing for clients, so if you would like help, feel free to shoot me a private message or reply here.
I'm sure it would benefit everyone to have this capability in EE. :)
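
The sender script proposed in the post above, written out as an added example (it is not part of the original post and not EE's own code). It assumes `photos/` carries an `.htaccess` containing `deny from all`; the `PHOTOS` and `PROTECTED_EXHIBITIONS` arrays are constructed stand-ins for EE's database lookup, and `$_SESSION['unlocked']` is a hypothetical list of exhibition ids that EE's password form would fill in.

```php
<?php
// image.php: hypothetical sender script (added example, not EE code).
// Assumes EE's password form stores unlocked exhibition ids (as integers)
// in $_SESSION['unlocked'] after a correct password has been entered.

const PHOTO_DIR = __DIR__ . '/photos';
// Constructed stand-in for EE's database: photo id => stored file and exhibition.
const PHOTOS = [
    8 => ['file' => 'myphoto1.jpg', 'exhibition' => 1],
];
// Constructed stand-in: exhibition id => password protected?
const PROTECTED_EXHIBITIONS = [1 => true];

function deny(int $status): void
{
    http_response_code($status);
    exit;
}

session_start();

// Accept only an integer id; the file name never comes from the request.
$id = filter_input(INPUT_GET, 'photo_id', FILTER_VALIDATE_INT);
if (!is_int($id) || !isset(PHOTOS[$id])) {
    deny(404);
}
$photo = PHOTOS[$id];

// Access check: a protected exhibition must have been unlocked in this session.
$unlocked = $_SESSION['unlocked'] ?? [];
if (!empty(PROTECTED_EXHIBITIONS[$photo['exhibition']])
    && !in_array($photo['exhibition'], $unlocked, true)) {
    deny(404); // same answer as "no such photo", so ids cannot be probed
}

// Resolve the path and confirm it still lies inside the photo directory.
$base = realpath(PHOTO_DIR);
$path = realpath(PHOTO_DIR . '/' . basename($photo['file']));
if ($base === false || $path === false
    || strpos($path, $base . DIRECTORY_SEPARATOR) !== 0) {
    deny(404);
}

// Send the headers, then the file contents.
$mime = (new finfo(FILEINFO_MIME_TYPE))->file($path);
$isImage = is_string($mime) && strpos($mime, 'image/') === 0;
header('Content-Type: ' . ($isImage ? $mime : 'application/octet-stream'));
header('Content-Length: ' . filesize($path));
header('X-Content-Type-Options: nosniff');
header('Cache-Control: private, no-store'); // keep private photos out of shared caches
readfile($path);
```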