If you want to prevent your images from being "hotlinked" from someone else's site ... why not feed them out via a PHP script that checks the referrer? ... If you've arrived at this article via "www.wellho.net", you should see a clean image - and the image is at the url "http://www.wellho.net/demo/doggypic.php". However - if you go to the URL directly, or you access it embedded within another website - you'll see an image with the words "picture only available within web pages at http://www.wellho/net" overlaid onto it.
The script is a simple one:
<?php
header("Content-type: image/jpeg");
if (preg_match('/www\.wellho\.net/',$_SERVER[HTTP_REFERER])) {
$file = "doginfield.jpg";
} else {
$file = "dogstolenfromfield.jpg";
}
$stuff = file_get_contents($file);
print $stuff;
?>
... in fact, that's oversimple in the demo (and if you read it, you could find the images directly!!) and you would for a security script locate your .jpg files away from the document root ...
(written 2010-08-29, updated 2010-08-30)
Associated topics are indexed as below, or enter http://melksh.am/nnnn for individual articles
H309 - PHP - Maps, Graphics and Geographics [320] Ordnance Survey - using a 'Get a map' - (2005-05-22)
[563] Merging pictures using PHP and GD - (2006-01-13)
[665] PHP Image viewing application - (2006-04-01)
[937] Display an image from a MySQL database in a web page via PHP - (2006-11-22)
[1104] Drawing dynamic graphs in PHP - (2007-03-09)
[1194] Drawing hands on a clock face - PHP - (2007-05-19)
[1389] Controlling and labelling Google maps via PHP - (2007-10-13)
[1390] Converting from postal address to latitude / longitude - (2007-10-13)
[1391] Ordnance Survey Grid Reference to Latitude / Longitude - (2007-10-14)
[1628] Gant charts - drawing them with a PHP script - (2008-05-03)
[1724] addslashes v mysql_real_escape_string in PHP - (2008-07-27)
[1734] All around the world? - (2008-08-03)
[1752] Dynamic maps / geographics in PHP - (2008-08-13)
[1756] Ever had One of THOSE mornings? - (2008-08-16)
[1923] Making it all worthwhile - (2008-12-04)
[1956] Images for Christmas - (2008-12-21)
[2343] World Flags in your PHP pages - (2009-08-10)
[2361] Geocoding - converting address to latitude / Longitude with PHP via Google - (2009-08-14)
[2390] Dynamic / changing images on your web page - (2009-09-01)
[2583] Reducing image size on digital photos - PHP - (2010-01-17)
[2675] Redirecting to your main domain for correct security keys - (2010-03-13)
[2729] Uploading a document or image to its own URL via a browser - (2010-04-18)
[3027] Server logs - drawing a graph of gathered data - (2010-11-03)
[3133] An image from a website that occasionally comes out as hyroglyphics - (2011-01-14)
[3197] Finding and diverting image requests from rogue domains - (2011-03-08)
[3211] Computer Graphics in PHP - World (incoming data) to Pixel (screen) conversion - (2011-03-24)
[3447] Needle in a haystack - finding the web server overload - (2011-09-18)
[3536] UK Mapping Data - and more to come - under government Open Data measures - (2011-12-03)
[3584] QR codes - graphics images that provide quick phone links - (2012-01-18)
[3734] QR codes with marketing logos embedded - (2012-05-16)
[3817] Fpdf - generating .pdf documents easily from your PHP program - (2012-07-24)
[4178] Where are you? How to write a geosensitive application - (2013-09-18)
[4365] The changing face of Christmas - (2014-12-26)
[4437] Adding a PHP build option, rotating an image based on camera data, and a new look at thumbnails in PHP - (2015-02-22)
[4655] Image indexer / thumbnail display scripts in PHP - (2016-02-25)
H117 - Security in PHP [345] Spotting a denial of service attack - (2005-06-12)
[426] Robust checking of data entered by users - (2005-08-27)
[920] A lion in a cage - PHP - (2006-11-10)
[947] What is an SQL injection attack? - (2006-11-27)
[1052] Learning to write secure, maintainable PHP - (2007-01-25)
[1086] Injection attacks - safeguard your PHP scripts - (2007-02-20)
[1323] Easy handling of errors in PHP - (2007-08-27)
[1387] Error logging to file not browser in PHP - (2007-10-11)
[1396] Using PHP to upload images / Store on MySQL database - security questions - (2007-10-19)
[1482] A story about benchmarking PHP - (2007-12-23)
[1542] Are nasty programs looking for security holes on your server? - (2008-02-17)
[1679] PHP - Sanitised application principles for security and useability - (2008-06-16)
[1694] Defensive coding techniques in PHP? - (2008-07-02)
[1747] Who is watching you? - (2008-08-10)
[1779] Injection Attacks - avoiding them in your PHP - (2008-08-31)
[2025] Injection Attack if register_globals in on - PHP - (2009-02-04)
[2628] An example of an injection attack using Javascript - (2010-02-08)
[2688] Security considerations in programming - what do we teach? - (2010-03-22)
[3210] Catchable fatal error in PHP ... How to catch, and alternative solutions such as JSON - (2011-03-22)
[3698] How to stop forms on other sites submitting to your scripts - (2012-04-15)
[3747] An easy way to comply with the new cookie law if your site is well designed - (2012-06-02)
[3813] Injection Attacks - PHP, SQL, HTML, Javascript - and how to neutralise them - (2012-07-22)
[4642] A small teaching program - demonstration of principles only - (2016-02-08)
Some other Articles
Our facilities to support Well House Consultants CoursesOpen Source Programming - Training Course ScheduleWedding season in Melksham - somewhere good to stayTraining course locations - Melksham, UK; Buxton, UK; Lake Constance, Germany; Venice Italy, the USA and IndiaProtecting your images from use out of contextAn opportunity to join our team!The cat in the dustbinThe service that customers should receive01225 707126 to 01225 344596 to 01225 899360 - Well House FaxNot so much software training - more hotel keeping!