[request] deny URL access

[matthias81]

Hello @developers,
I am pretty new with Joomla and my first thought was to create a web gallery for my family. I’ll found a couple of Joomla galleries and (of course) I pick phoca gallery. I install it for testing and create my first gallery for registered users only. But I recognize that it is possible to access pictures by using the complete URL of the picture. I don’t like to allocate my private pictures to the whole world. So I found this thread for protecting the gallery folder with a .htaccess file viewtopic.php?f=1&t=2065&p=11983&hilit=protect#p11996.

But I think it’s not very useful to let the user login twice, one time for Joomla to see the gallery and second time to see the picture itself.

So my request is to change the access behaviour of the gallery. With this php-code

Code: Select all

<?php
  $myImage = imagecreatefromjpeg('images/jpgFile.jpg');
  header("Content-type: image/jpeg");
  imagejpeg($myImage);
  imagedestroy($myImage);
?>

and the .htaccess file in the images folder

Code: Select all

 Order deny,allow
Deny from all
Allow from localhost 127.0.0.1

It should be possible to avoid the direct access of the pictures via URL.

That does the developers think? Is that possible?

Kind Regards
Matthias

PS: Find attached my testing source.

[Jan]

Hi, sorry but I don't understand how this work?

[matthias81]

Hello Jan,
Thanks for your reply.
Well, I am not a php/.htaccess guru but I guess the following.

First of all, deny with the .htaccess file the direct URL access from the web.
Allow localhost to access the pics because the php script lay there. Maybe this is unnecessary, cause the createfromjpeg(..) isn't piped through apache.

imagecreatefromjpeg: create it own jpeg file with the source 'images/jpgFile.jpg'
imagejpeg: show created jpeg
imagedestroy: free the created file

best regards
Matthias

[Jan]

but where to paste the 'jpg' code?