Question posted in
Some documentation to get you started can be found here.

Protect image and pdf user, view file only user is login – Apache

I have this problem, I have to protect the images and documents of users who upload within the site.
I’ve written some code but I do not understand why its not working.

the dir of the files is:

/storage/user_id/docs/namefile.jpg

example:

/storage/1/docs/1616.jpg

Now, I added the .htaccess file inside the folder storage:

   Options -Indexes
   RewriteEngine on

   RewriteCond %{REQUEST_FILENAME} .*jpeg$|.*jpg$|.*gif$|.*png$|.*pdf$ [NC]

   RewriteRule (.*) http://localhost/system/functions/imageAuth.php?img=$1 [NC,L]

File imageAuth.php

   <?php

   require_once($_SERVER['DOCUMENT_ROOT'].'/system/core/config.php');

   if(!strip_tags($_GET['img']) || !isset($_GET['img']) || $_GET['img'] == "" ){
     header('Location https://'.$_SERVER['HTTP_HOST']);
   }

   $reqpath = strip_tags($_GET['img']);
   $foundslash = strpos($reqpath,'/');

   if($foundslash === FALSE){ 
     header('Location https://'.$_SERVER['HTTP_HOST']);
   }

   $string = trim($reqpath, "/");
   $parts = explode("/", $string);
   $uid = $parts[1];

   $files = explode(".", $_GET['img']);
   $ext = end($files);

   if($ext == "jpg" || $ext == "jpeg" || $ext == "gif" || $ext == "png"){
       $ext = "image/".$ext;
   }else if($ext == "pdf"){
       $ext = "application/".$ext;
   }

   header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
   header("Cache-Control: no-store, no-cache,must-revalidate");
   header("Cache-Control: post-check=0, pre-check=0",false);
   header("Pragma: no-cache");
   header("Content-type: ".$ext);

   $authed = FALSE;
   $uc = $user->get_user_c($uid);

   if($_SESSION['user_c'] == $uc){
       $authed = TRUE;
   } 

   if($authed){
       @readfile($_GET['img']);
   }else{
       @readfile("storage/not_authed.jpg");
   }

   ?>

I’m sure the $user->get_user_c() function works correctly. But I do not understand why its not showing the image since I have checked everything I needed to display the image or pdf.

The image display in tag html or open a link image.

Error: “impossible to load the image”

I test if open image with url file php, working, but not open in normal tag

Solved the error is in path file, but now if i try to getimagesize(); return only false… nobody can help me?

Tags:

2

Answers


  1. 0

    I’d start by printing $_GET[‘img’] and make sure it exists on the server.

    You could use fileexists() to check that it’s present before trying to read it.

    Login or Signup to reply.
  2. 0

    You problem in in file htaccess.
    Try

    Options -Indexes
RewriteEngine on
RewriteCond %{REQUEST_FILENAME} .*jpeg$|.*jpg$|.*gif$|.*png$|.*pdf$ [NC]
RewriteRule ^(.*)$../system/functions/imageAuth.php?img=$1 [NC,L]
    Login or Signup to reply.
Please signup or login to give your own answer.

Back To Top
Search