How to restrict access to php program?

I have a php program that sends images to my html pages.
<img src="url/send.php?id=whatever" ...

How can I stop people from linking this php program from another site or
simply typing it into their browser address bar?
Can I stop a 'wget' for example?

Thanks,

gsb

re: How to restrict access to php program?

"gsb" <gsb@QWest.net> wrote in message
news:6FmDb.747$C05.52852@news.uswest.net...[color=blue]
> I have a php program that sends images to my html pages.
> <img src="url/send.php?id=whatever" ...
>
> How can I stop people from linking this php program from another site or
> simply typing it into their browser address bar?
> Can I stop a 'wget' for example?
>
> Thanks,
>
> gsb
>
>[/color]

1. allow only HTTP_POST
2. allow only your HHTP_REFERER
3. username & password
4. hosts.allow

re: How to restrict access to php program?

> How can I stop people from linking this php program from another site or[color=blue]
> simply typing it into their browser address bar?
> Can I stop a 'wget' for example?[/color]
No, you can't - what a browser can do, a download manager can do, too.

You could just stop some download managers by checking for theyr user-agents - that's all you can do.[color=blue]
> 1. allow only HTTP_POST[/color]
With Images?
[color=blue]
> 2. allow only your HHTP_REFERER[/color]
Many people have disabled the referer. But you can of course check for if there is a referrer, it has to be on your site.

--
mfg Christian (Chronial "at" web.de)

--
Composed with Newz Crawler 1.5 http://www.newzcrawler.com/

re: How to restrict access to php program?

"Christian Fersch" <Fraghunter@web.de> wrote in message
news:brl1tr$s9s$06$1@news.t-online.com...[color=blue][color=green]
> > How can I stop people from linking this php program from another site or
> > simply typing it into their browser address bar?
> > Can I stop a 'wget' for example?[/color]
> No, you can't - what a browser can do, a download manager can do, too.
>
> You could just stop some download managers by checking for theyr[/color]
user-agents - that's all you can do.[color=blue][color=green]
> > 1. allow only HTTP_POST[/color]
> With Images?
>[color=green]
> > 2. allow only your HHTP_REFERER[/color]
> Many people have disabled the referer. But you can of course check for if[/color]
there is a referrer, it has to be on your site.[color=blue]
>
> --
> mfg Christian (Chronial "at" web.de)
>
> --
> Composed with Newz Crawler 1.5 http://www.newzcrawler.com/[/color]

Guess you may be right about the POSTs Christian.
I misread his message as other people were sending (or uploading) images to
him.

re: How to restrict access to php program?

Christian,

I'm a light weight here for sure. Thanks for your help, all.
I do not understand "...checking for their user-agents..."
What would I be checking for and how could I use this.

xyzzy,

Thanks. I'm looking into both the http_referrer and my .htaccess settings.
Login is not an option here.

Thanks again all,

gsb

re: How to restrict access to php program?

Every Programm should give it's name in the user-agent Header when accesing a webserver.
Just don't allow acces with user-agents known as download managers.

But of course a lot of download managers fake theyr user-agent, so you can't protect yourself from them.

--
mfg Christian (Chronial "at" web.de)

--
Composed with Newz Crawler 1.5 http://www.newzcrawler.com/

re: How to restrict access to php program?

Thanks again.
gsb

"Christian Fersch" <Fraghunter@web.de> wrote in message
news:brnnja$h2h$01$1@news.t-online.com...[color=blue]
> Every Programm should give it's name in the user-agent Header when[/color]
accesing a webserver.[color=blue]
> Just don't allow acces with user-agents known as download managers.
>
> But of course a lot of download managers fake theyr user-agent, so you[/color]
can't protect yourself from them.[color=blue]
>
> --
> mfg Christian (Chronial "at" web.de)
>
> --
> Composed with Newz Crawler 1.5 http://www.newzcrawler.com/[/color]