scriptygoddess

1 | Jennifer

February 19th, 2003 at 9:22 pm

Ok – here's another catch.. if the user views source, puts the path to the chimage.php page WITH the "image=name.gif" in there, it will show just the image… from THAT page, they can right click and save the image.

Can anyone figure out how to get the chimage.php page check to see if IT"S the page in the url, and if so – redirect… I'm trying to do that right now, but so far no luck…

(chimage.php page comes from the protect image with php link)

2 | Joshua Ferguson

February 19th, 2003 at 9:35 pm

Jennifer,

Can I even use the chimage.php dealio? I'm using the BlogStyle Photoblog template which uses the following:

<img src="<$MTEntryMore$>.jpg">

to show the images.

3 | Jennifer

February 19th, 2003 at 9:41 pm

You'd have to change the paths to something like:

<img src="chimage.php?image=<$MTEntryMore$>.jpg">

moving your images to a different and/or protected directory you specified in the chimage.php page…

4 | Anabella

February 19th, 2003 at 9:46 pm

I had a few codes on my photography site. All the while, my roommate in the room next to me was saving my photos and sending them off to people – when I asked how she did that, she said that with her XP she just puts her mouse over the picture and there's a menu that appears with icons to save as the picture, etc. My XP doesn't do that – nonetheless, is there anyway to go around this?

5 | Jennifer

February 19th, 2003 at 9:48 pm

FYI – if all you want to do is prevent linking – this htaccess trick is probably better – What I'm trying to do here is also make it harder for people to download the image…

6 | Jennifer

February 19th, 2003 at 10:00 pm

Anabella – I think the thing you're talking about is a preference (set in tools – internet options – advanced tab – under "multimedia" – you can turn on "enable image toolbar" (this will requre you to restart your machine before it works…)

This script seems to bypass that "option"… I gave it a try, and I"m seeing those little download buttons, but NOT on the image with the "protection" script… (but as I said, there's still a way to download it – but there's got to be something else we can do to the script so that it doesn't load the image if the page is called directly…)

7 | Mad Bull

February 19th, 2003 at 10:24 pm

Well, if you use the IE menu options "File"/"Save As" you can save the page and the images… This ought to be disabled for this project to be called successful… How to do it? I dunno yet, but I mean to find out!

8 | Jason D-

February 19th, 2003 at 10:28 pm

If you are trying to really discourage easy download of an image there is a very effective method that can be done with a pretty simple little php action. Make a table the same size as the image you want to display. Use a 1×1 pixel trans gif as your image tag in the td and put the real image you want to display as the td background image. Couple that with the htaccess trick and your images are pretty safe. Used the combo for years.

9 | Jennifer

February 19th, 2003 at 10:30 pm

Well, I figured out something you can do so that they can't call up the image by just doing chimage.php?image=file.gif in their browser. In the chimage.php page, look for this line:

if (empty($referrer) || isreferrerokay( $referrer, $validprefixes )) {

change it to this:

if (isreferrerokay( $referrer, $validprefixes )) {

and then do the "disable right click" trick.

Side note: Disabling right clicking will piss a lot of people off (heh. Me included, I use it all the time, not just to "download" images… I use it to open links in new windows, etc.). Also – there is no fool-proof "protection" once images are up on your server and not inside a "protected" folder… If nothing else, it's in the cache and can be found that way. So these tricks only make it difficult for someone to get the images… </end disclaimer/soapbox >

10 | Phil Ringnalda

February 19th, 2003 at 10:31 pm

One thing you may want to keep in mind is that not only are there a great many ways around it (for instance, I went to the demo page, right-clicked the tab in Phoenix, selected "Permissions" from the tab extensions menu, disabled Javascript for that tab only, reloaded, and right-clicked to my heart's content), but also there are quite a few people who will think that your denying them the use of part of their browser puts you on the same level as the most extreme popup ad programmers, who put the browser into fullscreen mode and prevent anything but pulling the plug out of the wall from stopping them. You might have such compelling content that I would stick around after discovering that you feel free to disable my browser, but so far I have never, ever, seen anyone who did. Generally what I do on discovering that right-clicking is disabled is to "steal" a copy of one image (because after all, it's always incredibly easy even without right-clicking), and then leave. So you might want to balance that against your desire to thwart people who don't know that there's any way other than right-clicking to save an image.

11 | Jennifer

February 19th, 2003 at 10:33 pm

Jason – now THAT is a neat trick!! actually rather than just doing the background="image.gif" – you could still use the php script above: background="chimage.php?image=image.gif"
I'll add a demo page for it…

12 | Jennifer

February 19th, 2003 at 10:36 pm

Phil – yeah, aware of that… just posted a note to the same effect 1 min before you 😉

Madbull – doing save as – didn't download the image… did it for you? (I'm using IE 6 on XP)

13 | Jennifer

February 19th, 2003 at 10:41 pm

Ok try THIS ONE (it uses the combo php script (WITH my change noted above) and background image… yes, it *looks* like you can right click on the image – but what you'll be "taking" is a transparent gif) – also, when I did "save as" it didn't download the gif… No, it's not 100% fool-proof – but it allows right clicking (without allowing image download) and makes it just hard enough that you can't get the image…

14 | Jason D-

February 19th, 2003 at 11:11 pm

It puts a pretty big barrier to the user who is casually trying to steal your images. If they REALLY want them though all they have to do is dig thru their cache files but we won't tell them about that one But the table, script and htaccess all combined will get you really far.

15 | Mad Bull

February 19th, 2003 at 11:16 pm

It downloaded the image for me using IE6 on Win2k…. In fact, it downloaded that image AND spacer.gif in your updated test page.
Re Anabellas query, to disable the IE6 toolbar for the whole page, use "" after your tag. To disable it for particular images, use " galleryimg="no" />. "galleryimg="yes" will enable the toolbar for that img only… See http://www.thesitewizard.com/webdesign/imagetoolbar.shtml

16 | Mad Bull

February 19th, 2003 at 11:21 pm

Sorry, use &ltmeta http-equiv="imagetoolbar" content="no" /&gt for the whole page
Use &ltimg src="" galleryimg="no" /&gt for blocking the IE6 toolbar for a particular image and 'galleryimg="yes"' turns it on for that img

17 | nolageek

February 20th, 2003 at 4:22 pm

The casual user that is "stealing" your images isn';t going to be using them maliciously. The users that are going to pass them off as their own, or do something else "bad" with them already know to look in their cache for your images, all alphebatised and in neat little folders… just view by date/time and your whole gallery is there. All this right-click-preventing does is piss people off that want to view the source of your pages or want to print something from your page, or move back or forward within your site, or possible want to "MT it!" one of your articles.

If you want people to not be able to download your images, don't put them on the web.

Now, hotlinking or passing them off on their site as their own, is a whole other issue.. but it has nothing to do with right clicking.

This is like putting land mines in your yard to stop your neighbor from walking his dog in your garden. Sure, his Basset Hound can't use your pagonia's as a toilet.

Just my two cents.

18 | Jennifer

February 20th, 2003 at 10:22 pm

you're late to class – we already covered that. 😉

19 | Jennifer

February 20th, 2003 at 10:33 pm

Oh, one more thing about the right clicking – you *can* disable this for images only. (Saw this on Dawn's site). She uses this script here on dynamic drive. At least this way users can right click links (to open them in new windows) – but not on the images.

(and YES – I'm aware there's an easy way around these types of javascripts… no more beating the poor dead horse, okay?) 😉

20 | VIncent

February 21st, 2003 at 9:40 am

** looks at dead horse

Me: Hmmmmmm

** kicks dead horse

Yeah. Guess I did.. oops, sorry! heheh

21 | Meredith

February 22nd, 2003 at 10:53 am

I'm with Jennifer. I wish more people would find another way to protect their images, because disabling right-click drives me batty. 75% of my right-clicks are for something other than getting an image.

22 | Mark

March 1st, 2003 at 11:57 pm

You can get around this using opera.. doesnt matter how theimage is on the page, you can save it.

23 | AEJA

February 29th, 2004 at 11:06 am

Do you have code that disables a viewer from being able to drag an image out of your webpage and then dropping it so that it is saved to an email? I think it is called drag and drop

24 | Karl Manning

March 19th, 2004 at 5:04 am

Hi,
Looking at your comment Posted by: Jennifer on February 19, 2003 09:22 PM
about checking URL. Could you not pass coded parameters to the routine instead that would look random but could be decoded to verify? Something like Date/Time and a checksum based on some of the digits? Your calling page would probably need to be PHP to achieve this.

25 | Dave Banks

June 1st, 2004 at 8:50 pm

Hey, If you use frames, the person will have a harder time finding a way through the whole mess to find the image. Do that and the code to disable the right click and you should be fine