Best Way to Prevent Picture Theft

[Trublu]

Hey ya'll,

I'm working for this company, and by default of having the most coding knowledge (they aren't a technologically savvy bunch) I'm in charge of the website. What they'd like to do is put up pictures of the events that they have, and offer them for sale. So, I'm wondering what you guys think is the most efficient way to protect the pictures until we receive payment.

I know that disabling the right-click is an (unreliable) option, and adding a watermark is an option, though not something I'd love to undertake for the volume of pictures. My boss "heard" that there is a way to reduce the quality of the picture when someone tries to print it as well. Don't know if you guys have any coding alternatives.

[dude]

There's never going to be a particularly effective way of protecting them from being stolen - the only way which is really going to work is with a watermark. You can use the GD library in php to do this automatically for all the files or it can be done with batch editing in photoshop. But just trying to make it more difficult by disabling right click or whatever is never going to work.

[Charles Stover]

Use PHP's image-editting functionality to automatically watermark images until they're bought.

EDIT: Displaying the full image in any way (even if you enable crap-quality printing, disable right clicking, disable view source, etc.) leaves it open to be stolen. So, what you'll need to do is make the full image inaccessible until after it's been purchased. In which case, only make it accessible to the buyer, of course.
So, on all displayed images, show the watermark. Use PHP.
Use mod_rewrite to redirect the image URL (e.g. /pictures/picture1.jpg) to the PHP editting file (watermark.php?url=picture1.jpg). watermark.php would open /pictures/picture1.jpg, add the watermark, and display the picture. Make sure that the full version of picture1.jpg is not accessible, even if they know the URL. The only way someone should get access to the unwatermarked picture1.jpg is if they are server administrators.
Good luck.

[Trublu]

Unfortunately, I'm not quite PHP savvy, but thanks for the tips everyone.

[Charles Stover]

Just check PHP.net for imagecreatefrompng. The links to the left (for the image library) will have everything you need.
If the image is a jpeg, imagecreatefromjpeg, and so on.
Then copy some watermark.gif file and paste it to the middle of the newly created jpeg/png/whatev.
Then output (imagegif, imagepng, imagejpeg, etc.).

It's not hard once you get started. It's about as hard as learning RegEx.

[perishingflames]

Did you even read his post?

[jadw2k9]

As other have said, there's no way to stop images being stolen. If I can see an image on a website, I can just press PRINT SCREEN and crop it. A watermark is a good idea although better still is to only show small thumbnails of some of the images. While it's still possible to steal the tumbnail images, they are very low resolution and it will encourage the downloader to buy the full-size version.

[Michael]

Also make sure you lower the quality of the image. Don't just shrink the image down in Photoshop, lower the actual save quality ... thus if they try to enlarge the image, they have less chance.....

[Todge]

It may seem obvious, but don't save the thumbnail to the same folder and with an obvious namechange, save them to a different folder at least, so any image thief can't decipher the full image URL from the thumbnail URL.

[Charles Stover]

I wouldn't have the full versions accessible at all on the website. Send them via e-mail or something. Besides the whole guessing-the-URL thing, if someone buys one and you send them the URL, they'd then have access to *all* the images, since they'd then know the directory for unaltered images.
So I'd e-mail it as an attachment or something, with no public access to the unaltered image (but server-side access so that you can watermark them).

[jadw2k9]

Though you can host the images online within a section that requires login. Then use URLs with long strings of numbers so that knowing the URL of one image doesn't give away the URLs of the other images.

But if you find server-side programming a problem, then e-mail or post would be easier and equally as secure.