html question about preventing image caching

[bitt3n]

my site generates images dynamically that users can link to for use as signature images in web forums and blogs hosted on other servers. However, the forum/blog site often shows an outdated image because the browser has cached an older version of the dynamic image (which of necessity must always use the same file name).

How do I ensure that the image is not cached, so that the most recent image is always displayed?

I found an existing site that puts slogans in signatures and also generates these images dynamically, and seems not to have this problem. The link to the dynamically updating (every 30 seconds) sig file on this site is:

<img src="http://www.sloganizer.net/en/image,sample,white,black.png" border="0" "/>

so there seems to be some way to do it but I don't know how.. thanks for your help

I am also curious what the "image,sample,white," part of the image link does, since it is not part of the file name..

I have been told that I can use

Pragma: no-cache
Cache-Control: no-cache
Expires: 0

to prevent caching on my own pages, but if the images are hosted on a site over which neither I nor the user has control of the html, this is not an option.

Thanks for your help.

 

[tfinch2]

<META HTTP-EQUIV="Expires" CONTENT="0">
<META HTTP-EQUIV="Pragma" CONTENT="no-cache">
<META HTTP-EQUIV="Cache-Control" CONTENT="no-cache">

 

[bitt3n]

thanks tfinch2.. if you don't mind below is how I intend to implement the solution and I am wondering if you can confirm I have the right idea

right now my site dynamically generates a png file for each user, with the file being named 'username.png'. So what I understand I need to do is for each user generate a php file of the form

<?php
header('Pragma: no-cache');
header('Cache-Control: no-cache');
header('Content-type: image/png');
readfile('/pathtopng/username.png');
?>

and then instead of linking directly to '/pathtopng/username.png' the user must link using

<img src="http://www.mysite.com/pathtophpscript/username.php" />

and this will display the uncached png image (assuming the browser does not ignore the headers). Is my understanding correct?

 

[igowerf]

This is what PHP.net says:

<?php
header("Cache-Control: no-cache, must-revalidate"); // HTTP/1.1
header("Expires: Mon, 26 Jul 1997 05:00:00 GMT"); // Date in the past
?>

http://us3.php.net/header

Search for the word "cache" and you'll find some information.

 

[tfinch2]

Originally posted by: bitt3n
thanks tfinch2.. if you don't mind below is how I intend to implement the solution and I am wondering if you can confirm I have the right idea

right now my site dynamically generates a png file for each user, with the file being named 'username.png'. So what I understand I need to do is for each user generate a php file of the form

<?php
header('Pragma: no-cache');
header('Cache-Control: no-cache');
header('Content-type: image/png');
readfile('/pathtopng/username.png');
?>

and then instead of linking directly to '/pathtopng/username.png' the user must link using

<img src="http://www.mysite.com/pathtophpscript/username.php" />

and this will display the uncached png image (assuming the browser does not ignore the headers). Is my understanding correct?

I see what you mean about generating the png and it changing. But why do you need to generate a php file to display it? In the html file or php file where you display the generated png, just put the no cache meta tags, unless I'm still missing something.

 

[igowerf]

Originally posted by: tfinch2
I see what you mean about generating the png and it changing. But why do you need to generate a php file to display it? In the html file or php file where you display the generated png, just put the no cache meta tags, unless I'm still missing something.

I think you're missing something. Reread his post. His site only generates the images, and the images are displayed on other sites like forums. He does not necessarily have access to the HTML.

 

[bitt3n]

thanks that's exactly what I need.

I think this is a stupid question, but is there any situation in which a forum or website would refuse to display an image linked as a php script in the form

<img src="http://www.mysite.com/pathtophpscript/username.php" />

versus just linking to the image normally (directly to the .png)? ie, I am worried that maybe people using some types of forums or myspace-type sites or whatever may have restrictions of this kind on security grounds or something like that.

 

[igowerf]

You can probably do something with mod_rewrite if your server supports it:

http://www.phpfreaks.com/tutorials/23/0.php

This could mask the fact that you're calling a .php file instead of a .png file.

 

[bitt3n]

hm.. I finally got around to doing this, and it appears that the recommended 'no cache' command is getting ignored. I put the following code in my script, directly below the session_start() function call and above the includes():

header('Pragma: no-cache');
header("Cache-Control: no-cache, must-revalidate"); // HTTP/1.1
header("Expires: Mon, 26 Jul 1997 05:00:00 GMT"); // Date in the past


This failed to prevent caching of images on the page. Did I put the code in the wrong place? Is there something else I need to do to make it work? Any ideas would be appreciated.

(I figured I'd test the code on an existing page before actually implementing it as a way to call no-cache images.)

 

[notfred]

The header only applies to the PHP file that generates HTML if that's where you put it. If you want images not to be cahced, then you have to put it at the top of the file that generates images.

 

[kamper]

Originally posted by: bitt3n
thanks that's exactly what I need.

I think this is a stupid question, but is there any situation in which a forum or website would refuse to display an image linked as a php script in the form

<img src="http://www.mysite.com/pathtophpscript/username.php" />

versus just linking to the image normally (directly to the .png)? ie, I am worried that maybe people using some types of forums or myspace-type sites or whatever may have restrictions of this kind on security grounds or something like that.

As long as the mime type on the image from the php file is correct there should be no problem in theory. Myspace isn't exactly known for good security