0

我正在创建一个约会网站,用户可以在其中上传他们的图片,有些是私人的,有些是公开的。

我计划做的是保存所有上传的图像,当我想展示它们时,我会有一个脚本来调用它们。

即:url-> mysite.com/members/mainimage/5

处理这个调用的函数是: public function mainImage($user) {

    $this->load->model('tables/user_images_table');
    $image = $this->user_images_table->getMainUserImage($user);

    if($image != null ) {
        $imageExploded = explode('.',$image);

        switch( $imageExploded[1] ) {
            case "gif": $ctype="image/gif"; break;
            case "png": $ctype="image/png"; break;
            case "jpeg":
            case "jpg": $ctype="image/jpg"; break;
            default:
        }
        $imagePath = 'uploads/'.$image;
    } else {
        //default image
        $imagePath = 'inner/default.png';
        $ctype = 'image/png';
    }



    header('Content-type: '.$ctype);
    readfile(base_url()."images/".$imagePath);
}

但是当我看到我的网站越来越大时,我注意到每个用户图像请求我的所有应用程序文件都已加载,这可能会减慢我的网站速度。

你知道如何保存私人图像(不会通过 url 公开,只有在对用户进行一些检查之后)

4

1 回答 1

2

store your private images in some folder, also place there .htaccess with such code:

deny from all

so now no one can access these files via http directly

then create .htaccess in the root of your site and copy these lines there:

RewriteEngine On
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^private-photo/([0-9]+)\.(jpg|jpeg|gif|png)$ private_photo.php?id=$1 [QSA,L]

so now all http requests like http://site.com/private-photo/113.jpg will be redirected to private_photo.php

so the final step is: you create private_photo.php where you get id of image from $_GET["id"], make security checkings - if the user who requests the photo has an access to it, and then fopen/fpassthru the image or just displaying an error about restricted access

于 2013-02-02T21:31:00.097 回答