Expiry Date on group access and User ID Access. Expiry Date on group access and User ID Access.
 

News:

CPG Release 1.6.26
Correct PHP8.2 issues with user and language managers.
Additional fixes for PHP 8.2
Correct PHP8 error with SMF 2.0 bridge.
Correct IPTC supplimental category parsing.
Download and info HERE

Main Menu

Expiry Date on group access and User ID Access.

Started by rostros, January 12, 2004, 03:29:40 PM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

rostros

Hey guys I have a selection of members on my site who are paying for a service to few photos, yes its adult content so i wont post the url on here, anyways , I have a 30 day access to members who have private access ' e.g private group' manually i am keeping a spreadsheet of ppl who have paid and the date there account expires,  im manually having to update each user profile every 30 days, I was thinking of having a script that could run either manually or automatically even tho where using php and not asp, any ideas ? this would be usefull.

Tarique Sani

This kind of mod will not be too difficult BUT I hope you realise how simple it is to get pictures from a Coppermine install even if you are not logged in :D
SANIsoft PHP applications for E Biz

athlonkmf

Quote from: "tarique"This kind of mod will not be too difficult BUT I hope you realise how simple it is to get pictures from a Coppermine install even if you are not logged in :D

Enlighten me.
My coppermine gallery with 35000 images: http://www.asianfanatics.net/
Another coppermine gallery with images over the 1MB http://dsample.kmfstudio.com

Tarique Sani

All the pictures in Coppermine are stored inside the web document root

so if you type the URL for the picture directly you can still get them no matter what
SANIsoft PHP applications for E Biz

rostros

Quote from: "tarique"All the pictures in Coppermine are stored inside the web document root

so if you type the URL for the picture directly you can still get them no matter what

Well you can just add Hotlink Enable protection tool so direct URL's would be invalid.

Joachim Müller

this will keep people from hotlinking your pics from other domains, but it won't keep them from entering the absolute url in the address bar of the browser and see the pics themselves. Anyone who knows the way coppermine works can do that. Spoofing a referrer isn't too hard either...

My point (and Tarique's as well afaik) is: don't put stuff on the internet that must remain absolutely private!

GauGau

Tranz

#6
How about putting this in the .htaccess file? When someone attempts to enter the absolute url, it redirects to the desired destination.
RewriteEngine on
RewriteCond %{HTTP_REFERER} !^http://www.YourGalleryDomain.net/.*$      [NC]
RewriteCond %{HTTP_REFERER} !^http://www.YourGalleryDomain.net$      [NC]
RewriteRule .*\.(jpg|jpeg|gif|png|bmp.*.*jpg|jpeg|gif|png|bmp)$ http://DesiredDestination.net [R,NC]


The desired destination could be a page with a message explaining the situation, or it could just point to the gallery itself.

edit:
It seems this will work too (the difference is in the last line where it lists the extensions):
RewriteEngine on
RewriteCond %{HTTP_REFERER} !^http://www.YourGalleryDomain.net/.*$      [NC]
RewriteCond %{HTTP_REFERER} !^http://www.YourGalleryDomain.net$      [NC]
RewriteRule .*\.(jpg|jpeg|gif|png|bmp)$ http://DesiredDestination.net [R,NC]

Bin

Quote from: TranzNDance on September 20, 2004, 03:45:25 PM
How about putting this in the .htaccess file? When someone attempts to enter the absolute url, it redirects to the desired destination.
RewriteEngine on
RewriteCond %{HTTP_REFERER} !^http://www.YourGalleryDomain.net/.*$      [NC]
RewriteCond %{HTTP_REFERER} !^http://www.YourGalleryDomain.net$      [NC]
RewriteRule .*\.(jpg|jpeg|gif|png|bmp.*.*jpg|jpeg|gif|png|bmp)$ http://DesiredDestination.net [R,NC]


The desired destination could be a page with a message explaining the situation, or it could just point to the gallery itself.


Worked like a charm for me. Great suggestion there TranzNDance :)

M3

I want to use this for my site too for a little added security, but when you say the .htaccess file, where am I putting that, in the albums directory or the main gallery directory or into whatever album directory I want to really protect?

And I take it that's all that needs to be in that file, correct?

Bin

Quote from: M3 on September 22, 2004, 08:19:38 PM
I want to use this for my site too for a little added security, but when you say the .htaccess file, where am I putting that, in the albums directory or the main gallery directory or into whatever album directory I want to really protect?

And I take it that's all that needs to be in that file, correct?

Refer: http://forum.coppermine-gallery.net/index.php?topic=10196.0#msg45985 :)

bangerkcknbck

I found this thread very helpful for dipping my feet into using .htaccess.

I just wanted to post a hickup that I ran into.

I run my own apache webserver and I didn't have mod_rewrite compiled or enabled.  Make sure you look into that if your .htaccess isn't working.

I also found this wonderful webpage with .htaccess tools to help you configure your own for what you need.
http://www.htaccesstools.com/

This code was generated from that website and I used it in my .htaccess for my Coppermine gallery.  The 2 lines after RewriteEngine On are sites that are allowed to hotlink to the gallery.  You should put the domain name where your using the .htaccess in one of them if you plan on statically linking pictures in your site or if you want to use the random block or you will block your own site.

The second domain I listed was for an auction site as I wanted to post pictures from my web server yet not have anyone use my photos for their auctions.  This did the trick.

RewriteEngine on
RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?yourdomain.com.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?anyotherdomain.net.*$ [NC]
RewriteRule ^.+\.(jpg|jpeg|png|gif|bmp)$ http://redirecthere.com [NC,R,L]

This code also takes care of the issue of remembering to place the www before your domain if you also have it setup that way.