1

I need some help with some advanced file include code.. I googled around, but I'm not sure how to describe it in a short way for searching.

Basically here is the file structure: 

/public_html/include_handle.php  

/protected_site/index.html
               /images/image.jpg

If I include index.html using a regular include statement, image.jpg obviously won't show in the browser because it's not in a public/relative directory. Short of some heavy preg_match/replace parsing, how can I get the image to show on the include_handle.php page when including index.html? I would also like to be able to follow links to other pages from the index.html page. I know I can use iframes and put the static pages in a public directory, but I don't want that for various reasons. Any help would be greatly appreciated, Thanks!

Improve this question
5
  • do you have gd installed? I can think of an over engineered way to do it... Commented Mar 9, 2011 at 21:35
  • @Matt Ellen: You don't need GD to do a readfile() Commented Mar 9, 2011 at 21:41
  • @Andrew Moore: good point. But just how over engineered is your way? ;) Commented Mar 9, 2011 at 22:08
  • @Matt Ellen: One rewrite rule, a PHP script (I assume it's protected by "something"), and some validation. Commented Mar 9, 2011 at 22:11
  • @Andrew Moore: too easy! -1 wtf point. Commented Mar 9, 2011 at 22:18

3 Answers 3

Reset to default
2

You can set Apache alias to make a "virtual" directory in your public site:

Alias /images /protected_site/images

After which any /images/ urls in your public-facing webpages will be internally redirected to the protected site's images directory instead. The cost is that this exposes part of the protected site's document tree, so you have to be careful with what you put into that images directory.

Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

Wouldn't this interfere with the current public site images directory if it were named the same? I'm basically making a php include/iframe.
Most likely, yes. Not sure if aliases take priority over physical directories, but presumably so. But you could make the alias have any name you'd like and point your html at that instead of /images for those "special" pictures.
1

You can use the base HTML tag for your page to work as if it was in a different directory (or host). Relative links will be resolved using this value as the current document.

I guess protected_site is not accessible from the web. You will need a PHP script to read the files from the protected directory and send them to the user. It will look something like:

getimage.php?image=image.jpg

If you don't want to change the content of index.html and still link to images as something.jpg instead of the above, you can use mod_rewrite on the server side:

RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*?\.(jpg|gif|png))$ getimage.php?image=$1 [L]

This way apache will call your PHP for any image files which do not exist in the public directory.

Improve this answer

5 Comments

How would I confine the rewrite rule to a single page? and allow links to be navigated on that page on the protected site. I would also like it if I were to try to access the files outside of that page, that it would fail.
No, images and links from other sites will not be affected at all, this only works inside your website. - RewriteRule works on the server, so different server different rules. :)
I don't mean from other sites. I mean from my site.
The RewriteCond lines make sure that it will be applied when there is no such (real) file found. So if you put an image in your public_html directory it will be served as usual, but if a browser asks for an image which does not exist (under the public directory), the request gets ridericted to getimage.php.
Interesting... I'll have to look into this further when I have more time. It looks like using rewrite rules similar to above with a php handler script will work. Thanks!
1

First solution: Put images to the public folder in order browser can access it, links in .html should be relative to /public_html

Second solution: serve your protected images through php script (you need to issue correct headers for browser and use readfile for example to pass the image data) example for jpg:

header("Content-Type: image/jpeg"); 
readfile("/protected_site/images/image.jpg");

Link to the image will be like:

image.php?id=image.jpg
Improve this answer

2 Comments

The public part isn't an option. All the files must remain in a non-public directory that's only accessible through the php script. I'm not quite sure I understand this readfile function.. It seems to me that I would have to replace parts of index.html with readfile. I don't wanna edit index.html at all.
readfile shoud read the id parameter from $_GET and put it to readfile's path. Do not forget to check if there are no slashes etc in image filename passed from client to avoid information disclosure. To avoid modifying index.html at all use extra .htaccess with rewrite rules offered by vbence in his answer to this question

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.