Hi all I have a directory full of images on a webserver. I want to prevent people who are not logged into the website to be able to access these images directly ie http://www.mywebsite.com/images/tree.jpg If they have logged in they can access images this way but if not they cant. I am using ASP and a windows server Anyone got any ideas ? thanks
Hey Yorks, Weirdly enough I had to do the same the other day... its only a quick workaround but... Link all your images like; image.asp?id=1 IMAGE.ASP: <% Response.Buffer = True website = "http://www.blah.co.uk/" id = Request("id") denied = website & "denied.gif" notavailable = website & "unavailable.jpg" Select Case id Case 1 imageurl = website & "images/image1.jpg" Case Else imageurl = website & "images/image_default.jpg" End Select If Request.ServerVariables("HTTP_REFERER") = "" Then Response.Redirect denied Else Set xml = Server.CreateObject("MSXML2.ServerXMLHTTP") xml.Open "GET", theurl, True Call xml.Send() If xml.readyState <> 4 then xml.waitForResponse 3 End If If Err.Number <> 0 then Response.Redirect notavailable Else If (xml.readyState <> 4) Or (xml.Status <> 200) Then xml.Abort Response.Redirect notavailable Else Response.Redirect theurl End If End If Set xml = Nothing response.write(var1) End If %> I've simplified bits, as mine was for stripping urls from an XML feed, but the general principles the same. There are better ways. If you have access to the management console in IIS then you can achieve a different way.
Hi Bobby, Yorks is using an ASP/Windows setup so .htaccess isnt relevant. http://www.webmasterworld.com/forum10/1497.htm As I said, if you can access IIS you can do more, but if you only have FTP access then the code supplied (or a variant of at least) will be the closest solution. Think .NET goes way above and beyond this ability, but again, mentioned ASP. =)
Ahh, sorry completely missed that part... I wondered why you gave him ASP code... I don't feel so smart right now