Access images in folder outside webroot

software development

#1

Hi, I have a folder that is outside the webroot – /bin/logos – that I use to store confidential files. From a php script in the public directory I’d like to access an image from that folder (eg. src=’/bin/logos/image.jpg’) but it seems it can only see folders in the public area. Thanks for your help in getting to these files.


#2

You would need a second CGI script that when requested reads the file and sends the appropriate headers and content, or ask DreamHost support to enable mod_xsendfile if it hasn’t already so the second CGI script just needs to send headers. Either way you are going to have to go about that very carefully otherwise you may leave your site open to intrusions.


#3

Thanks for the feedback. I can see how I may have a script return a file and setting the header, but is there a way to get the this information in a tag?


#4

Face: ovale ansikt passer index: 3,5

Kommentarer: Joke av ovalt ansikt så mange MM misunnelse, men to fotografier kontrast, hvis skrå smell, så hun mer elegant og grasiøs. Hvis du har en standard ovalt ansikt, kan du prøve å legge til en livlig og leken Liu Qi elementer. Men Xiaobian at hvis ikke veldig avanserte funksjoner MM, eller å gjøre mer for å vurdere.
Rotete kort hår

Dette rotete kort hår gjør at du ser full av noen av den første typen, hele ansiktet, men også full av mange, avslører en liten sjarmerende søt!Slik holder håret falle hår-norgeghdrettetang.com


#5

if you are serving up stuff outside your document root, you’ll need the script file to handle the request. So you put whatever you want in your img tag that will be intercepted by the script.

if you are only interested in a single file, why not just put it in your document root? or create a symlink? if that dir is for confidential files, why are you saving an image which is meant for public distribution in there?


#6

Hi there.
I have the same problem.
bobcat - sometimes I want to allow one user to view his photos without allowing others.
I want to manage photo albums where each user can upload his own photos, and I wish to keep them private.
So users can upload and view their own photos, and only theirs.

I thought about setting an upload folder outside the web root, and build a php script that will serve those files, making sure the proper user is the one asking for the files… A php script that is serving files outside the web root is somewhat dangerous… The whole idea of a web root is to put stuff that is supposed to be accessed from the internet, and whatever that is outside… well… isn’t.

Is there an easy way to serve files but blocking unauthorized users from accessing them (using a php script)?