View Full Version : Limit access to the full size image
February 10th, 2005, 10:07 AM
I'd like to have a way to limit access to the full size image by usertype.
Basicly I'd like to prevent standard users from accessing the original file (which is often quite large.)
February 10th, 2005, 10:15 AM
Usergroup Permissions - "Can View Large Images"
Though, that only allows them to see thumbnails. Maybe a suggestion for a new permission for "Can View Original Image"?
February 12th, 2005, 10:40 AM
February 12th, 2005, 11:00 AM
Should be easy enough for Brian to throw in there, and could be a useful feature.
February 14th, 2005, 10:58 AM
/forum/includes/init.php - Look for:
'cansendecard' => 4194304
'cansendecard' => 4194304,
'canvieworiginal' => 8388608
/forum/includes/adminfunctions_gallery.php - Look for:
print_yes_no_row($vbphrase['can_view_large_images'], 'usergroup[canviewlargimage]', $perms['canviewlargimage'], iif($category, 'js_set_custom();'));
print_yes_no_row('Can view original images', 'usergroup[canvieworiginal]', $perms['canvieworiginal'], iif($category, 'js_set_custom();'));
/gallery/showimage.php - Look for:
if (!$categoryperms["$image[catid]"]['canvieworiginal'] AND $original)
Upload the files and then go change the permissions for your usergroups. :)
February 14th, 2005, 11:01 AM
Will this be included in the next release?
February 14th, 2005, 12:00 PM
Just an FYI.
This change works as long as Open Original in New Window is set to "No". If it's set to "Yes" the the image still opens in the new browser window.
February 14th, 2005, 12:01 PM
Ah... Yes. It would need to check the permission, and not make the image into a link at all if you don't have access.
February 14th, 2005, 12:03 PM
But, you know, for example, if you give a user access to view thumbnails, and nothing else, they could still directly view the medium or full size images easily, by changing the url and modifying the filename. No way to limit them completely without having all your images outside the web root and have the Gallery feed them to the browser using PHP code. (major CPU hit on the server)
February 14th, 2005, 12:19 PM
True. However the intent of the modification is to block the "normal" user that's not supposed to have access. Given that, it would seem that this modification just needs to be tweaked as bit.
The reality is that if you want to block general access by a determined individual the images should be stored outside the root folder so that only the application can have access to them.
vBulletin® v3.8.1, Copyright ©2000-2014, Jelsoft Enterprises Ltd.