保护图像不被复制 [英] protect images from being copied
问题描述
我正在寻找可靠的解决方案来保护图像不被复制..
我的客户(摄影师)希望避免客户在没有购买的情况下复制她的照片。
<我正在考虑混合使用这些技术:
PHP自制过期
图像是从读取图像文件的php脚本加载的,在请求中我将请求时间戳和文件名捆绑在一起。如果时间戳非常接近实际时间戳(两个时间戳都在同一服务器上生成,因此没有时间配置发出),则会在页面生成时创建请求。例如:在生成的html中,我有一些img标签,如:
因此,当用户想要从源代码复制图像源时,image.php脚本赢了回答,因为页面生成和图像请求之间存在延迟...
无缓存
如果我发送一个无缓存标头,我想浏览器不会在客户端计算机上缓存/存储文件?
现在这是基本的想法..
用户没有原始文件名,因此无法直接访问它们。
使用此解决方案,我甚至可以将它们加水印飞行或调整大小
用户仍然可以打印屏幕,有2种类型的打印屏幕,将它们放在剪贴板中,以及保存文件的屏幕。 / p>
是否有解决方案,我正在考虑某种javascript方面onkeydown并检测printcreen touch,或者在mac cobination上移动+ alt + cmd + [1-4]和空白的ima gesbefore采取任何行动.. 这可能,或多或少可靠,如何?
我的另一个部分想法是清除剪贴板一个间隔或一些动作,但这对人们来说是烦人的,不适用于桌面保存的屏幕截图,也许并不适用于所有浏览器。
还有其他想法吗?
那么从哪里开始呢?
这是一个实用的问题,我知道人们可以拍摄他们的屏幕照片或使用hdmi电缆来捕捉设备......但是说真的,这太过分了,没有人会为这些照片做这个,我们'不要谈论最高机密的机密文件...
所以这是我的实施:
首先在php中生成页面时调用图像:
$ reqinfo ['id'] = $ data [id];
$ reqinfo ['maxsize'] = 320;
$ reqinfo ['timestamp'] = time();
$ reqinfo ['base'] = false;
$ encoded = base64_encode(openssl_encrypt(serialize($ reqinfo),'AES-128-CBC','martine',0,'fgrgfvcfghtfdrfg'));
echo'< div class =imagecontainer>< img src =photo.php?info ='。$ encoded。'/>< / div>';
这已经在imagecontainer类的css和javascript中实现了一些限制。
我发送图像ID(或名称)的最大宽度或高度以及请求时间戳,所有这些都在发送到photo.php
base的请求字符串中加密,如果图像可以绕过一切,则为true并被称为普通图像。
photo.php
< ;?
//请求信息
$ reqinfo = unserialize(openssl_decrypt(base64_decode($ _ GET [info]),'AES-128-CBC','martine',0,'fgrgfvcfghtfdrfg'));
//图片已过期
if(time() - $ reqinfo [timestamp]> 10){exit(); }
//公共图像
if($ reqinfo [base] == true){readfile('img /'.$ reqinfo [id]。'。jpg');出口(); }
//标头缓存
标头(Cache-Control:no-cache,must-revalidate); // HTTP / 1.1
header(Expires:Sat,26 Jul 1997 05:00:00 GMT); //过去
标题中的日期('Content-type:image / jpeg');
//检查缓存存在并发出
if(file_exists('img /'.$ reqinfo [id] .'_'。$ reqinfo [maxsize]。'。jpg') ){readfile('img /'.$ reqinfo [id] .'_'。$ reqinfo [maxsize]。'。jpg');出口(); }
//来源图片
$ image_path ='img /'.$ reqinfo [id]。'。jpg';
list($ original_width,$ original_height)= getimagesize($ image_path);
$ srcImage = imagecreatefromjpeg($ image_path);
$ ratio = $ original_height / $ original_width;
//创建目标图像持有者
$ destination_width = $ reqinfo ['maxsize'];
if($ destination_width< 1)$ destination_width = 1;
if($ destination_width> $ original_width)$ destination_width = $ original_width;
$ destination_height = round($ destination_width * $ ratio);
if($ destination_height> $ reqinfo ['maxsize'])
{
$ destination_height = $ reqinfo ['maxsize'];
$ destination_width = round($ destination_height / $ ratio);
}
$ targetImage = imagecreatetruecolor($ destination_width,$ destination_height);
imagealphablending($ targetImage,true);
// resample copy logo
imagecopyresampled($ targetImage,$ srcImage,
0,0,
0,0,
$ destination_width,$ destination_height ,
$ original_width,$ original_height);
//水印
$ watermark = imagecreatefrompng('watermark.png');
imagesettile($ targetImage,$ watermark);
imagefilledrectangle($ targetImage,0,0,$ destination_width,$ destination_height,IMG_COLOR_TILED);
//输出
imagejpeg($ targetImage,'img /'.$ reqinfo [id] .'_'。$ reqinfo [ maxsize]。'。jpg');
imagejpeg($ targetImage);
imagedestroy($ targetImage);
?>
'martine'是一个简单的密码
img显然是非公共路径
希望这或多或少清楚,基本上这个(按顺序):
- 解密$ reqinfo数组
- 检查imagerequest是否为新鲜,如果用户复制网址并加载到另一帧中,则不会加载任何图像。
- 检查图像是否可以绕过调整大小和水印并发送到浏览器
- 检查是否存在缓存版本以加快流程
- 重新创建已调整大小的版本
- 添加水印
- 保存服务器缓存版本
- 发送超出'一次性'形象
希望这可以帮助某人......
Im looking for reliable solutions to protect images from being copied.. My customer (photographer) would like to avoid customers copying her pictures without buying them.
I was thinking about mixing these techniques:
PHP self-made expiration
images are loaded from a php script reading from the image file, in the request I bundle the request timestamp and filename. if the timestamp is very close to the actual timestamp (both timestamps are generated on the same server, so no time config issues) the request is created on page generation. For example: in the generated html, I have some img tag like:
So when the users wants to copy the image source from source code, the image.php script won't answer as there is a delay between page generation and image request...
No caching
If I send a No cache header, I suppose the browser doesn't caches/stores the file on the client computer?
Now that's the basic idea.. Users don't have the original file name so can't acces them directly.. With this solution, I can even watermark them on the fly or resize them
Users could still print screen them, there are 2 types of printscreens, those that put them in the clipboard, and those that save a file.
Would there be a solution, I was thinking about some sort of javascript side onkeydown and detecting the printscreen touch, or shift+alt+cmd+[1-4] on mac cobination and blank out imagesbefore any action is taken.. is this possible, more or less reliable and how?
Another partial idea I had was to clear clipboard on an interval or some action, but this is annoyinng for people, doesn't work for desktop saved screen captures and maybe doesn't works on all browsers.
any other idea?
So where to go from here? This is a practical question, I know people could take a picture of their screen after all or use a hdmi cable to capturing device.. but seriously, this is overkill, no one will do this for such pictures, we're not talking about top secret classified documents...
So this is my implementation:
First when calling an image during a page generation in php:
$reqinfo['id'] = $data[id];
$reqinfo['maxsize'] = 320;
$reqinfo['timestamp'] = time();
$reqinfo['base'] = false;
$encoded = base64_encode(openssl_encrypt(serialize($reqinfo), 'AES-128-CBC', 'martine',0,'fgrgfvcfghtfdrfg'));
echo'<div class="imagecontainer"><img src="photo.php?info='.$encoded.'" /></div>';
This already implement some restrictions in css and javascript on the imagecontainer class. I send the image ID (or name) the maximum width or height and the request timestamp, all this encrypted in a request string sent to photo.php base is ment to be true if image may bypass everything and be called like a plain image.
photo.php
<?
//request info
$reqinfo = unserialize(openssl_decrypt(base64_decode($_GET[info]), 'AES-128-CBC', 'martine',0,'fgrgfvcfghtfdrfg'));
//image expired
if(time() - $reqinfo[timestamp] > 10){ exit(); }
//public image
if($reqinfo[base] == true){ readfile('img/'.$reqinfo[id].'.jpg'); exit(); }
//header cache
header("Cache-Control: no-cache, must-revalidate"); // HTTP/1.1
header("Expires: Sat, 26 Jul 1997 05:00:00 GMT"); // Date in the past
header('Content-type: image/jpeg');
//check cache existance and send out
if(file_exists( 'img/'.$reqinfo[id].'_'.$reqinfo[maxsize].'.jpg')) { readfile('img/'.$reqinfo[id].'_'.$reqinfo[maxsize].'.jpg'); exit(); }
//source Image
$image_path = 'img/'.$reqinfo[id].'.jpg';
list($original_width, $original_height)= getimagesize($image_path);
$srcImage = imagecreatefromjpeg( $image_path );
$ratio = $original_height/$original_width;
//create destination image holder
$destination_width = $reqinfo['maxsize'];
if($destination_width < 1) $destination_width = 1;
if($destination_width > $original_width)$destination_width = $original_width;
$destination_height = round($destination_width*$ratio);
if ($destination_height > $reqinfo['maxsize'])
{
$destination_height = $reqinfo['maxsize'];
$destination_width = round($destination_height/$ratio);
}
$targetImage = imagecreatetruecolor( $destination_width, $destination_height );
imagealphablending($targetImage,true);
//resample copy logo
imagecopyresampled( $targetImage, $srcImage,
0, 0,
0, 0,
$destination_width, $destination_height,
$original_width, $original_height );
// watermark
$watermark = imagecreatefrompng('watermark.png');
imagesettile($targetImage, $watermark);
imagefilledrectangle($targetImage, 0, 0, $destination_width, $destination_height, IMG_COLOR_TILED);
//output
imagejpeg( $targetImage, 'img/'.$reqinfo[id].'_'.$reqinfo[maxsize].'.jpg' );
imagejpeg( $targetImage );
imagedestroy( $targetImage );
?>
'martine' is a simple passphrase img is obviously an non public path
Hope this is more or less clear, basically this (in order):
- Decrypt the $reqinfo array
- check if imagerequest is fresh, if a user copies the urls and loads in another frame, no image will be loaded.
- Checks if the image can bypass resize and watermark and be sent to the browser
- Checks if a cached version exists to speed up process
- Recreates a resized version
- Add a watermark
- Saves a server cached version
- sends out the 'disposable' image
Hope this can helps someone...
这篇关于保护图像不被复制的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
