how to protect images inside upload folder from viewing by anyone EXCEPT admin

Question

Ok, desired (probably impossible?) scenario is next:

1) anyone can upload image(s) to folder

2) only admin, via web admin interface/regular, password protected admin panel can see it

I guess it is impossible, unless i store images to database directly (as BLOB type), and show them inside admin panel (which will decrease performance, i guess).

So, what i could do, a) except to place blank index file in upload folder (already done) but i guess there are ways to guess/get names of files

b) and maybe, add some .htaccess protection (what would be your advice?)

Again, uploading is a part of form (there is no registration required!), i need some way to allow only admin to see/download images, but to protect it from others, because sensitive data are in question.

Answer 1

you can after upload, encrypt the images with the admin's public key, so only admin's private key can decrypt and view.

Answer 2

Here you go:

1) Do not store files in your DB. Ever.

2) Protect the upload directory (where ONLY uploaded files will live) with an .htaccess - "deny all" (basically) -- or store the upload directory somewhere NOT public to the web (see #3, below)

3) Have an interim file that serves file downloads (is user logged in? If so, set headers and readfile() the actual file - this will force the file to download. The database should store the file name, path, and other relevant details)

The PHP upload script can save files in any directory, even the one with the .htaccess in it.

Answer 3

Once the form is submitted, you can do ANYTHING you want with the files uploaded.

Why don't you store the images in a folder that is simply not accessible from the web, and then programmatically provide access to those files from the admin interface?