views: 80

answers: 5

For an image file (JPEG) that has been uploaded to the server via a PHP script (to a directory such as http://www.somedomain.com/images), is it a good idea to allow the client to get the image's direct address (such as http://www.somedomain.com/images/someimage.jpg) and paste it into a WYSIWYG text editor (such as TinyMCE)?

I am wondering if there is a preferable method where the direct address is encrypted?

Please, if I should just link directly to the image, just say so.

Thanks!

Note: I have modified this question from my original. Please see revisions if you are curious, but I think I was asking the question incorrectly. My apologies to the people who already answered.

A: 

Wordpress uses direct links for images. The permalink function simply puts the image on a page along with metadata for comments, but the images' SRC attributes still link directly to the image.

Simon Brown
+1  A: 

Depending on the CPU constraints of your web-hosting service, you can write a service to 'serve' the images to your users.

Here is some very BASIC code; it needs spiffing up and cleaning up for XSS/etc...

<?php
$basePath = "/path/to/my/image/store/not/web/accessible/";
$file = NULL;
if (isset($_GET['file']))
    $file = $_GET['file'];

if ($file != NULL)
{
    $path = $basePath . $file;
    // $file needs to be checked for people
    // trying to hack you, but for the sake of simplicity
    // I've left it out

    $mime = mime_content_type($path);
    $size = filesize($path);
    header("Content-Length: " . $size);
    header("Content-Type: " . $mime);
    header('Expires: 0');
    readfile($path); // Outputs the file to the output buffer
}
?>

Obviously you can put whatever security checks in here you want. But this way your files are below the web dir, and you can apply logic to their accessibility. This is typically used more for FILES vs. images, but you can do the same thing here.

Images are accessed like this:

http://www.mysite.com/image.php?file=hello.jpg

And you can use mod_rewrite to rewrite URLs like this:

http://www.mysite.com/images/hello.jpg

into the first URL.

I cannot stress enough the need for further security checking in the above example; it was intended to show you how to serve a file to the user using PHP. Please don't copy & use this verbatim.

Aren
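The answer above deliberately leaves out the checks on $file. As an added example (not Aren's code), here is the same serve-from-outside-the-webroot idea with those checks filled in: a strict filename whitelist, a realpath() containment check so "../" and symlinks cannot escape the store, and a Content-Type taken from the image header rather than from mime_content_type(). The store path, the image.php?file=NAME URL scheme and the accepted extensions are assumptions.

```php
<?php
// Added example, not code from the original answer.
// Serves an image from a directory outside the document root, with the
// input validation the original snippet omits.

function serveImage(string $basePath, string $requested): void
{
    // 1. Accept only a bare filename with a known image extension.
    //    Slashes, "..", null bytes and odd characters never get this far.
    if (!preg_match('/^[A-Za-z0-9_-]{1,64}\.(jpe?g|png|gif|webp)$/i', $requested)) {
        http_response_code(404);
        exit;
    }

    // 2. Resolve both paths and require the file to sit inside $basePath,
    //    even when a symlink points elsewhere.
    $root = realpath($basePath);
    $path = ($root === false) ? false : realpath($root . DIRECTORY_SEPARATOR . $requested);
    if ($root === false || $path === false
        || strpos($path, $root . DIRECTORY_SEPARATOR) !== 0
        || !is_file($path)) {
        http_response_code(404);
        exit;
    }

    // 3. Take the MIME type from the image header; refuse anything that
    //    does not parse as an image at all.
    $info = @getimagesize($path);
    if ($info === false || empty($info['mime']) || strpos($info['mime'], 'image/') !== 0) {
        http_response_code(404);
        exit;
    }

    header('Content-Type: ' . $info['mime']);
    header('Content-Length: ' . filesize($path));
    header('X-Content-Type-Options: nosniff');          // browsers must not re-guess the type
    header('Content-Disposition: inline; filename="' . basename($path) . '"');
    header('Cache-Control: public, max-age=86400');
    readfile($path);
}

// Assumed layout: the image store lives outside the web root (placeholder path).
$basePath = '/path/to/my/image/store/not/web/accessible/';
serveImage($basePath, $_GET['file'] ?? '');
```

The whitelist regex does most of the work; the realpath() check is a second, independent line of defence in case the whitelist is later loosened. Unknown or malformed names all get the same 404, so the script does not reveal which files exist.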
A: 

Why are you concerned about revealing your image location? Hotlinking? If so, you can prevent hotlinking with htaccess:

http://altlab.com/htaccess_tutorial.html

David Morrow
I'm just curious. Thanks for your answer!
letseatfood
A: 

Didn't you get your answer already?
Every site reveals image location to the browser. It's just the way the web works.

Got any reason to "encrypt" original location?

Col. Shrapnel
Well, I am asking if there would be a reason.
letseatfood
And, no I don't believe I have a clear answer yet. I feel like you could provide it, though!
letseatfood
@letseatfood my eyes tell me that **everyone** has told you there is not a single problem. Open any site in the world and see. And **think**. It is not as hard as it seems.
Col. Shrapnel
Yes, albeit indirectly. And, just mimicking what other people do for no other reason than "I see that is what they do" is not a good reason. Thanks for your feedback. It's always sparkly.
letseatfood
@letseatfood well, nuff said. Your question has no good reason, indeed. That's what I am talking about. Follow your own words, find yourself a more sensible question.
Col. Shrapnel
+2  A: 

As long as you check correctly WHAT is being uploaded, it shouldn't be a problem. So please at least use getimagesize or a similar function to make sure it's an image that's being uploaded, AND make sure the extension on the file is correct so that it will never be run through the PHP interpreter - to prevent someone from uploading an image with a PHP script attached.

BTW, here's a nice whitepaper on uploads and security: http://www.scanit.be/uploads/php-file-upload.pdf

wimvds
There is no simple "Yes" or "No" answer. If you consider what @wimvds said, the answer is "Yes." Otherwise it is either "No" or "Yes, at your own risk".
Tom
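The two checks wimvds names (validate the content with getimagesize, and control the extension so the file can never be handed to the PHP interpreter) put into one upload handler, as an added example that is not part of the original answer. The form field name "image", the destination directory and the size limit are assumptions; the key point is that the stored filename and extension are chosen by the server from the detected MIME type, never taken from the client.

```php
<?php
// Added example, not code from the original answer.
// Validates one uploaded image and stores it under a server-chosen name.

function storeUploadedImage(array $upload, string $uploadDir, int $maxBytes = 2 * 1024 * 1024): string
{
    if (($upload['error'] ?? UPLOAD_ERR_NO_FILE) !== UPLOAD_ERR_OK) {
        throw new RuntimeException('Upload failed with code ' . ($upload['error'] ?? 'unknown'));
    }
    if (!is_uploaded_file($upload['tmp_name'])) {
        throw new RuntimeException('Not an uploaded file');
    }
    if ($upload['size'] > $maxBytes) {
        throw new RuntimeException('File too large');
    }

    // Decide the type from the image header, not from the client-supplied
    // filename or $upload['type'] (both are attacker-controlled).
    $info = @getimagesize($upload['tmp_name']);
    if ($info === false) {
        throw new RuntimeException('Not a valid image');
    }

    // Accepted MIME types, each mapped to one fixed extension.
    $extensionFor = [
        'image/jpeg' => 'jpg',
        'image/png'  => 'png',
        'image/gif'  => 'gif',
    ];
    if (!isset($extensionFor[$info['mime']])) {
        throw new RuntimeException('Unsupported image type ' . $info['mime']);
    }

    // Random name plus the mapped extension: the original filename (and any
    // ".php" or double extension hidden in it) never reaches the filesystem.
    $name = bin2hex(random_bytes(16)) . '.' . $extensionFor[$info['mime']];
    $dest = rtrim($uploadDir, '/') . '/' . $name;

    if (!move_uploaded_file($upload['tmp_name'], $dest)) {
        throw new RuntimeException('Could not store file');
    }
    chmod($dest, 0644);   // readable, never executable
    return $name;
}

// Usage (assumed form field "image" and a store outside the web root, placeholder path):
if (isset($_FILES['image'])) {
    try {
        $stored = storeUploadedImage($_FILES['image'], '/path/to/my/image/store/not/web/accessible/');
        echo 'Stored as ' . htmlspecialchars($stored, ENT_QUOTES, 'UTF-8');
    } catch (RuntimeException $e) {
        http_response_code(400);
        echo 'Upload rejected';
    }
}
```

getimagesize() will still accept a genuine JPEG with extra bytes appended after the image data, which is exactly why the extension check matters: a file that ends in .jpg in a directory the web server never passes to PHP cannot be executed, whatever its trailing bytes contain. Storing outside the document root, as Aren's answer suggests, removes even that exposure.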