I have a Joomla! site and for each user I have an image. What I want is to keep the image private to the user but temporarily make it (well, a copy) public.
My thinking was to have the user click a link which calls a "publish.php" script. This script would take the user name and create a temporary (30 seconds) folder and copy their private image into that temporary folder.
The script would then generate a random key and build a URL using the username and key i.e. www.site.com/photos/get_photo.php?key=username.*key*
Then when someone goes to that link (via QR scanner) the "get_photo.php" script would check the key was valid and if it was display the image.
I want the photos public in the sense that given the URL anyone can see it but not public in the sense that anyone can keep polling my server and dragging down photos as and when they become available.
I'm stuck with the security of the original photos, if they are private the script can't access them but if they are public, if defeats the purpose of making them temporarily public.
Next problem is generating a key in one script that can be verified by the other script.
Many thanks for any guidance.
