Don't allow direct links Don't allow direct links
 

News:

cpg1.5.48 Security release - upgrade mandatory!
The Coppermine development team is releasing a security update for Coppermine in order to counter a recently discovered vulnerability. It is important that all users who run version cpg1.5.46 or older update to this latest version as soon as possible.
[more]

Main Menu

Don't allow direct links

Started by Zit, August 30, 2009, 08:10:53 PM

Previous topic - Next topic

0 Members and 2 Guests are viewing this topic.

Zit

Hello,
i'am using coppermine gallery 1.4 and i have seen that it's possible to get (externally) access to the uploaded photos with a direct link (...albums/userpics/10001/1/123456789.jpg).
Via htaccess i can block these access but i also blocks the loged-in user :/

Has someone an idea how i can forbid the access via direct linking the photos?

Thanks,

Zit

Joachim Müller

No, that's nearly impossible. Has been discussed before. Someone who knows the path to the image can access it. You'd have to create the images dynamically (or move them around) and purge those temporary files after a short period. This would create an incredible load on the server and therefor would be only an option on galleries that get very little traffic.