Protect images and view


I have a problem with images. In my site I have a public catalogue of products and a private catalogue (user & pass).

Ok, where can I store the images of products? I don’t want everybody have access to this folder because there are some private images.

I try putting in protected/images, but I don’t know if this is the best solution.

Sorry for my english…


Now I have this code in the controller:

	public function actionImage($id)


            $filename = $id.".jpg";	

            $path=Yii::getPathOfAlias('webroot.protected.images') . '/';


            if (file_exists($file))


                header('Content-Type: image/jpeg');





And in my view:

<img src="<?php echo Yii::app()->createUrl('/products/image/'.$product->id_product) ?>">

This works great, my images are in protected directory and I can show it. But if anybody types in the url, …/2.jpg, …3.jpg, the images are accesible to everybody again…

Make sure the .htaccess file is in the protected directory.

You should also make so that the path /product/image/1.jpg is not a real file.

The base htacces is tought to serve a file if exists, and if not exists to pass the url to the application, therefore a real path will always take precedence on the application.

Can you show me an example please? I don’t understand it at 100%. Thanks!