"Innovation comes only from readily and seamlessly sharing information rather than hoarding it."- Tom Peters
Development Blog

Articles - PHP entries

Protecting Images using PHP and htaccess

Sources to check

In this article, we're going to tackle a few different tactics to safeguard images. But, let's first think about what ways people can get images.

  • Direct path - if a user knows the path to an image, they can simply go straight to it, and download the image.
  • Drag and drop - in most browsers today, you can simply drag and drop an image right onto your desktop.
  • Hotlinking - another website can link directly to your image
  • Screenshot - a visitor can simply take a screenshot of your page and crop the image.

How to fix them

So, now that we've established where our problems are, how can we fix them?

Building a Simple Module in Drupal - Part One


Building a Drupal module is actually not as hard as it sounds. You just need to learn what's needed, and how Drupal does things. Once you figure that out, you'll be good to go. There are three files that you need to start off with. Each of these files will have the * replaced by the name of the module. These files are:

  • The *.info file
  • The *.install file
  • The *.module file

The .info file

The .info file contains the information to register the module with Drupal's system. Let's take a look at what is required.

Form Security using PHP

What we will do is allow a user to pass an array of element "names" that they want to be hidden.  Some examples might be "firstName", "lastname", "email", or "username".  Our PHP class will return these elements as hidden input elements, and then store them into a session variable.  After the form is submitted, the class will check all of these elements to see if any are filled.  If any are filled, we know something has happened.  So... let's begin.

First, we need to build our PHP class.  Here's the barebones...


class safeForm {
     //This variable will store the current data.
     private $data = array();    

     //This variable will store the old data to be checked.
     private $old_data = array();

     //This function will actually do the input element creation.
     function setFields($fieldNames) {


What you see are our two variables, one to store our current data, and one to store the old data. Our function setFields() will actually do the creation of our hidden elements. The variable $fieldNames will be an array of string elements of the field names to hide.