限制访问图像的最佳方法...这是对的吗? [英] Best way to limit access to images... is this about right?

问题描述

我想限制对图像的访问，因此，我将它们放置在Web根目录之外，并且当用户链接到图像时，它将通过用户/通过我们数据库的密码对它们进行身份验证，然后(如果经过身份验证， )读取图像文件，并以适当的mime类型输出.

I want to limit access to images, therefore, I will be putting them outside of the web root, and when a user links to an image, it will authenticate them via user/pass from our database, and then (if authenticated) read the image file, and output it with the appropriate mime type.

任何图像链接都将类似于:

Any image links will be something like:

<img src="/image.php?id=324fwqrefv35fq5">  

其中id是数据库中的imageId.

Where the id is the imageId in the database.

这听起来像是个好方法吗，而且-是否有针对php的此类代码?

Does this sound like a good way, and also- is there such code out there for php?

推荐答案

听起来很不错.无论如何，这就是我的攻击方式.尽管Google可能会在提出其他人的解决方案方面取得丰硕的成果，但是代码本身对于您编写自己来说应该是微不足道的.

Sounds like a good way to do it. That's how I'd attack it, anyway. The code itself should be pretty trivial for you to write yourself, although Google may be fruitful in turning up someone else's solution.

修改

我没有看到您的链接格式.老实说，这是一个非常丑陋的URL.为什么不使用mod_rewrite之类的东西来访问图像呢?例如，

I didn't see your link format. Honestly, that's a pretty ugly URL. Why not use mod_rewrite or something so it looks like you are accessing an image? For example,

<img src="/image_324fwqrefv35fq5.png">

只需将URL重写为您在答案中指定的格式，以便用户查看更好的URL.但这既不是这里也不是那里；只是第二个建议.

Just rewrite the URL to the format you specified in your answer so the user has a nicer URL to look at. But that's neither here nor there; just a second suggestion.

这篇关于限制访问图像的最佳方法...这是对的吗?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！