Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 4 of 4
  1. #1
    New Coder
    Join Date
    Jun 2004
    Location
    Los Angeles, CA
    Posts
    92
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Image Loading Times

    Hello, I have a question regarding the loading time of <img src="..">

    I currently have a script that allows users to upload images to my server and then display it to them on a page. I place the uploads dir above my wwwroot so evil scripts cannot be run by HTTP access. By doing this, I have to access the images using
    <img src=\"get_image.php?imagename={$row['ID']}x{$row['PictureType']}\" width=200 height=200>

    Note that $row['ID'] is the unique picture ID and $row['PictureType'] is the MIME stored in database.

    The code called get_image.php as follows:

    PHP Code:
    <?
    header
    ("Pragma: public");
    header("Expires: 0");
    header("Cache-Control: private");

    $array explode('x'$_GET['imagename']);

    //see which type of image it is
    if ($array[1] == 'gif') {
       
    header("Content-type: image/gif");

    } else if (
    $array[1] == 'jpg') {
       
    header("Content-type: image/jpeg");
       
    } else if (
    $array[1] == 'png') {
       
    header("Content-type: image/png");

    } else if (
    $array[1] == 'bmp') {
       
    header("Content-type: image/vnd.wap.wbmp");
     
    } else {
       die(
    "No image support for this file type.");
    }

    $SRC_FILE "/outside/uploads/$array[0].$array[1]";
    $filename basename($SRC_FILE);

    header("Content-Disposition: inline; filename=$filename");
    header("Accept-Ranges: bytes");

    @
    readfile($SRC_FILE);
    ?>
    It seems that using <img src="getimage.php..."> is slower at loading (as I scroll the page down it lags...) versus if I just upload the image and use a direct <img src= "exact location">, it seems to lag less.

    Is this method really slower and what could I do to help this situation? Thanks for the help :P

  • #2
    Super Moderator
    Join Date
    May 2002
    Location
    Perth Australia
    Posts
    4,096
    Thanks
    11
    Thanked 101 Times in 99 Posts
    Absolute paths are always faster than relative paths since no translation has to be done by the server.

    That said the difference should not be noticable.

    In your case you are still doing path translation in your PHP script as well (slower than the webserver doing it for you) .

    However again the difference should not be noticable.

    To be honest I really don't see the point of storing images above the web-root (use .htaccess to control access instead) , if you display 10 images per page you are dong 3-4 times the work per image, something that would eventually be noticable on a busy shared server.
    resistance is...

    MVC is the current buzz in web application architectures. It comes from event-driven desktop application design and doesn't fit into web application design very well. But luckily nobody really knows what MVC means, so we can call our presentation layer separation mechanism MVC and move on. (Rasmus Lerdorf)

  • #3
    New Coder
    Join Date
    Jun 2004
    Location
    Los Angeles, CA
    Posts
    92
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Thanks firepages for the response. Because of what you are mentioning, I'm thinking of just putting the uploads folder under wwwroot so I can directly access them without the get_image.php for FASTER loading in case of multiple images.

    The only worry I had for placing them inside the wwwroot was that someone can upload a php script and then execute it in HTTP. I am sure you are aware of that risk as well. Now your solution to this is just to .htaccess protect uploads dir (inside wwwroot) and control access. Could you emphasize on that method? Example?

    Appreciate it!

  • #4
    Super Moderator
    Join Date
    May 2002
    Location
    Perth Australia
    Posts
    4,096
    Thanks
    11
    Thanked 101 Times in 99 Posts
    Hi ok , I assumed you were trying to prevent hotlinking or the like which is why I suggested .htaccess , however

    Order Deny,Allow
    Deny from All
    Allow from yourdomain.com

    in a .htaccess will also prevent anyone executing the `script` directly via the browser, you can also use mod_rewrite if you want to & there are loads of examples of that to be found via google.

    However if you are using the correct upload routine then I dont see how anyone is going to be able to inject a script into your folders in the first place , checkout the example upload routines at php.net http://au.php.net/manual/en/features.file-upload.php

    look especially at $_FILES['userfile']['type'] which can verify the mime-type of the file.
    resistance is...

    MVC is the current buzz in web application architectures. It comes from event-driven desktop application design and doesn't fit into web application design very well. But luckily nobody really knows what MVC means, so we can call our presentation layer separation mechanism MVC and move on. (Rasmus Lerdorf)


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •