How to serve several images that are above the www root in one page?

Question

How to serve several images that are above the www root in one page?

I hope to offer users a user-submitted image gallery. I wrote a script download that saves the file above www root. I know that I can serve the file by specifying the page title and then using readfile, however, I plan to throw images inside the table that will be displayed with other information, and I don’t think that the reading header / file is the best solution. I think maybe symbolic links, but I'm not sure.

What is the best way to achieve this?

+4

php upload symlink image-gallery

Drew Jul 08 '11 at 13:51

source share

3 answers

Michael berkowski · Answer 1 · 2011-07-08T14:04:15+0000

You will need a script like getimage.php that sends image headers and displays their contents. Then in your HTML you simply use it as <img src=''> in your HTML. The only purpose of getimage.php is to extract and output the image. It remains separate from any PHP that you use to create HTML code sent to the browser.

In addition, you can check if the user has a valid session and permission to view the image in getimage.php , and if not, send some image with access restrictions instead.

The content of getimage.php small and simple:

 // Check user permissions if necessary... // Retrieve your image from $_GET['imgId'] however appropriate to your file structure // Whatever is necessary to determine the image file path from the imgId parameter. // Output the image. $img = file_get_contents("/path/to/image.jpg"); header("Content-type: image/jpeg"); echo($img); exit();

In your HTML:

 <!-- as many as you need --> <img src='getimage.php?imgId=12345' /> <img src='getimage.php?imgId=23456' /> <img src='getimage.php?imgId=34567' />

It then becomes a browser job to call getimage.php?imgId=12345 as the path to the image. The browser does not know that it calls a PHP script, and not an image in a directory accessible on the Internet.

Arno moonen · Answer 2 · 2011-07-08T14:09:44+0000

If the script is running on a Unix server, you can try to create a symbolic link in your root directory, which refers to a directory outside of your web root.

 ln -s /webroot/pictures /outside-of-webroot/uploads

If you are using Apache server, you can also look at mod_alias. I heard that there are several problems when using mod_alias and setting it up via .htaccess. Unfortunately, I have no experience with mod_alias.

Tyler biscoe · Answer 3 · 2011-07-08T14:21:57+0000

Something that always worked for me is forcing users to upload their images directly to my mysql db. PHP will be encoded in base64 and stored in blob. Then you do something similar to what Michael said to get and display the image. I included some code from a project that I worked on in 2008. I would not copy it if this is the method you want to use with its old code.

This is PHP for loading and storing in the database. Obviously, replace your information and connect to your own database.

 <?php include("auth.php"); // uploadimg.php // By Tyler Biscoe // 09 Mar 2008 // Test file for image uploads include("connect.php"); include("include/header.php"); $max_file_size = 786432; $max_kb = $max_file_size/1024; if($_POST["imgsubmit"]) { if($_FILES["file"]["size"] > $max_file_size) { $error = "Error: File size must be under ". $max_kb . " kb."; } if (!($_FILES["file"]["type"] == "image/gif") && !($_FILES["file"]["type"] == "image/jpeg") && !($_FILES["file"]["type"] == "image/pjpeg")) { $error .= "Error: Invalid file type. Use gif or jpg files only."; } if(!$error) { echo "<div id='alertBox'> Image has been successfully uploaded! </div>"; $handle = fopen($_FILES["file"]["tmp_name"],'r'); $file_content = fread($handle,$_FILES["file"]["size"]); fclose($handle); $encoded = chunk_split(base64_encode($file_content)); $id = $_POST["userid"]; echo $_FILES["file"]["tmp_name"]; $default_exist_sql = "SELECT * FROM members WHERE id='".$id."'"; $default_result = mysql_query($default_exist_sql); $results = mysql_fetch_array($default_result); if(!$results["default_image"]) { $insert_sql = "UPDATE members SET default_image = '$encoded' WHERE id='". $id ."'"; mysql_query($insert_sql); } $sql = "INSERT INTO images (userid, sixfourdata) VALUES ('$id','$encoded')"; mysql_query($sql); } else { echo "<div id='alertBox'>". $error . "</div>"; } } ?> <br /> <font class="heading"> Upload images </font> <br /><br /> <form enctype = "multipart/form-data" action = "<?php $_SERVER['PHP_SELF']; ?>" method = "post" name = "uploadImage"> <input type = "hidden" name="userid" value = "<?php echo $_GET["userid"]; ?>" > <input id="stextBox" type="file" name="file" size="35"><br /> <input type="submit" name="imgsubmit" value="Upload"> </form> <?php include("include/footer.php"); ?>

The following file displays the file:

 <?php // image.php // By Tyler Biscoe // 09 Mar 2008 // File used to display pictures include("connect.php"); $imgid = $_GET["id"]; $result = mysql_query("SELECT * FROM images WHERE imgid=" . $imgid . ""); $image = mysql_fetch_array($result); echo base64_decode($image["sixfourdata"]); echo $image["sixfourdata"]; ?>

Then:

 <img src="image.php?id=your_img_id">

How to serve several images that are above the www root in one page?

More articles: