Advanced search  

News:

cpg1.5.48 Security release - upgrade mandatory!
The Coppermine development team is releasing a security update for Coppermine in order to counter a recently discovered vulnerability. It is important that all users who run version cpg1.5.46 or older update to this latest version as soon as possible.
[more]

Pages: [1]   Go Down

Author Topic: Protect Image Location  (Read 3546 times)

0 Members and 1 Guest are viewing this topic.

ethan

  • Coppermine newbie
  • Offline Offline
  • Gender: Male
  • Posts: 3
    • creativecrap
Protect Image Location
« on: January 16, 2005, 02:24:34 pm »

I've search and read many threads about protect image location and watermark or something like that.
but there's no one looks great for me.   that's fine, i can do it by myself.
but there are too many place to be modified... it's not good for next upgrade of coppermine
also if you hide every image location by watermark, it might crash your server's and effciency is bad.

Why protect image location??
If you have any experience in coppermine, then you properly know the folder tree where all images stored.
And the naming function is too easy to guess, once i knew the thumbnail filename, just right-click and got it, then i know the original image filename.
so the member function looks weak for any album which could be preview by thumbnail.

I think the better way is separate the place/folder of  thumbnails (include normal size image) and original image
even renamed the original image
then all we have to do is protect the original image, even normal size image, by something like watermark
to hide the real path of orginal image.
Logged

kegobeer

  • Dev Team member
  • Coppermine addict
  • ****
  • Offline Offline
  • Gender: Male
  • Posts: 4637
  • Beer - it does a body good!
    • The Kazebeer Family Website
Re: Protect Image Location
« Reply #1 on: January 16, 2005, 05:22:56 pm »

The dev team doesn't care much about watermarking.  We all know it's virtually impossible to protect your images unless you add a watermark before uploading.  On the fly watermarking just eats up cpu cycles.

We won't add this to the core code.  If people want to make watermarking mods, they are welcome to.  Personally, if I wanted to protect my images, I wouldn't keep them on the internet.
Logged
Do not send me a private message unless I ask for one.  Make your post public so everyone can benefit.

There are no stupid questions
But there are a LOT of inquisitive idiots

ethan

  • Coppermine newbie
  • Offline Offline
  • Gender: Male
  • Posts: 3
    • creativecrap
Re: Protect Image Location
« Reply #2 on: January 16, 2005, 10:19:59 pm »

Thanks for notice  :)
I don't care about watermarking neither.  just one of hide image location methods.

take phpBB Attachment MOD for example

this url shows a thumbnail
Code: [Select]
<img src="download.php?pid=1&thumb=1">
and this url shows the original image
Code: [Select]
<img src="download.php?pid=1">
at the same time, in download.php, it may check user's permission also.
and prevent people from accessing images directly include those who doesn't have permission to access


Logged

Joachim Müller

  • Dev Team member
  • Coppermine addict
  • ****
  • Offline Offline
  • Gender: Male
  • Posts: 47843
  • aka "GauGau"
    • gaugau.de
Re: Protect Image Location
« Reply #3 on: January 17, 2005, 03:46:49 am »

I know no method that can really disguise a pic's url, unless it is created dynamically when requested (and permission checks have been performed before). People will always be able to steal your pics if you publish them on the internet, there are just ways to make this harder for them, but none that makes it impossible. The discussion has been lead before on "no-right-click" scripts that deny users this ability: imo all you do by applying such "tricks" to your pages is make people even more eager to actually steal your site's content. Disgusing image locations by some redirection mechanisms might do the trick on some servers, but will be impossible on others (e.g. everything that is related to mod_rewrite that will only work on Lunix/Apache).
I fully agree with kegobeer: such code doesn't belong into the core code of coppermine, as it will make the usage of coppermine even more complicated for most newbie users. Instead, it should be done as a mod - preferably using the new plugin api that is going to be part of cpg1.4.x

Joachim
Logged
Pages: [1]   Go Up
 

Page created in 0.027 seconds with 19 queries.