Random image question


#1

Hi all,
I’ve just finished up a php script that acts as jpg on my server, calling random images from another folder on that server, which I use on a forum. It works great, apart from one small problem: for some reason whenever I put the url for the php/jpg into my address bar, it calls the image URL into the address bar, so people can see the URL of the image being called.

This isn’t a terrible problem, but it would be nice if I could stop that from happening somehow.

Just to make sure I’m being clear: I have http://yoursite.com/avatar.jpg linked on a forum. When it’s loaded, it calls a random image from a specific folder, but when it’s loaded outside a webpage (in the address bar) it shows the URL of the image being called, which could lead to people hotlinking, etc.

I could always use a .htaccess file to stop any hotlinking, but I would feel a lot better if they didn’t even know the URLs of the images to begin with.

Thanks in advance for any help. :)

[code]<?php
$dh = opendir(".");

while (false !== ($file = readdir($dh)))
{
if (preg_match(’/.(jpg|gif|png)$/i’, $file) and $file != “avatar.png”)
{
$filelist[] = $file;
}
};

srand((double)microtime()*1000000);
$picnum = rand(0, sizeof($filelist) - 1);

header("Location: " . $filelist[$picnum]);

closedir($dh);
?>[/code]


#2

im not quite sure i understand you, but i will to try reply with the best answer i can based on my understanding of your problem…

What you could do is make a php script, and have that script load the image, and send it to the browser, then make an IMG tag and put as SRC=“sendimagescript.php”. Then they wouldnt know the url of the image. Although that alone wont protect hotlinking, what you must do is this…

if(strpos($_SERVER['HTTP_REFERER'], "mysitesdomain.com") != false){
//then they came from your site, show them the image.
}

this works excellent and i use it on all my files so nobody can link to them.


#3

Thank you for your reply, and I apologise for the confusion. :slight_smile: