0

Once users upload their images to a non public (i.e outside htdocs or public_html folder) folder, I use GD to fetch the image from that folder. This is all in the name of security, as the images themselves are never displayed without being processed.

The issue lies in animated GIFs, which GD is only capable of displaying by showing only it's first frame.

I know that there are classes out there that can slice the gifs up into their respective frames and "glue" them back together, but I'm looking to display these on the fly...

I don't want to create a new animated gif and show that, but rather have a GD script that renders the image from the information it gets from the photo directory, located outside of the public folder.

Thanks so much!

Joseph Szymborski
  • 1,241
  • 2
  • 17
  • 31
  • Do you want to process the image somehow, or will you be displaying it exactly as stored? – temporalslide Sep 03 '12 at 02:46
  • Displaying it exactly as stored – Joseph Szymborski Sep 03 '12 at 15:25
  • there are better solutions to this than PHP. Apache has a module that allows you to run a processing script but then it handles serving the file that would be better (I can't remember what it's called right now, sorry). Also, what kind of animgif needs security protection? Over-doing this could lead to excess load on your server for no good reason, potentially even making a DoS attack possible. If you're really worried about security, think about that aspect as well before getting fixated on processing every image load. – Spudley Sep 03 '12 at 21:23

1 Answers1

3

If you're not manipulating the image at all, I would just return the contents of the file with the correct header.

For example:

<?php 

$file = 'whatever.gif';

// Do whatever checks you want on permissions etc

header('Content-type: image/gif');
readfile($file);

?>

Readfile outputs the contents of the file, and the header makes sure the browser sees it as a gif and shows it. Because you're not using GD it will still be animated.

The catch with this method is you'll need to know the content type for each file to server it correctly.

http://php.net/manual/en/function.readfile.php

temporalslide
  • 957
  • 6
  • 9