Well after making good progress on my HAPPI system (holistic application programmers photograpic interface) it didnt start off like that it was just the Hairy Pies application but i was adviced that the business world may not like this.
Ive got a million other things to think about before i could possibly run a beta test.
Thanks to Simon and Dave yesterday i didnt get to sleep untill 2 am because i was wondering what the best way to restrict access to images would be.
I like the idea of a database approach but im still not sure if i wouldnt prefer to store them on a file system, sure replication of images becomes more complex but when im dealing with a potential of a million requests for images would the database have a fit.
Thats not the real problem though the real problem is security i was thinking about using a scripting language as a pseudo image so the user requests what appears to them is an image but has in effect a layer of code first. Kind of like a trifle where all you want is the jelly but ...
Anyway so what im thinking is that you could have a couple of methods of authentication. The first being that the page requesting the image would have to authenticate first, the system would check before sending out an image.
The second idea which would also be implemented would be to restrict to ip address, or url.
This is all well and good but, performance is going to if you pardon my expression piss on my chips. I can see at least one database call and definately a permission check for each image. This coupled to the average gallery containing 10 - 20 images = one nasty perfomance drain.