how to prevent images being copy or download?

> There are few options for how to anti-copying.

If *any* of them worked, so you really think they wouldn't be implemented for drupal by experts? The reason there is no 'image protection' built into drupal (or any other cms) is that there *is* no protection if you want anonymous users to view your content.

> I found so many sites when you try to download the images,
> they only offer a untitle bmp or gif files which could be download.

Look in your browser cache; the image is there (and the transparent gif)

> disable the right click.

Turn javascript off to enable right-click, or don't bother because the image is already in your browser cache.

> I found some of the sites, when you right click, it will show a link which doesn't point to the image address

Doesn't matter where the link points to; just open your browser cache - the image is there.

Here is the one and only rule that any 10 year old needs to know (and most of them do):
'if you can see the image, it is already in your browser cache'.

How long does that take? Open cache -> sort by date -> got the image in 10 seconds.
This works for *any* protection scheme you may try to instigate.

If you want a closed website (ie. no anonymous users can see or link to any of your uploaded files or images), you can use drupal's 'private file system'. For your File system path: you must type ../private exactly like that. Or if you have drupal in a subfolder: ../../private. Doing this creates a folder for your files which is above the public root. This means only authenticated users can ever see or download those files - if node permissions are set to 'anyone', they'll see the nodes without the images, and links to the files won't work.

anti is quite right-- if your user can see the image, they have the image. period. don't waste your time.

the only even remotely effective tactic is to watermark them-- but even that can be overcome by someone with enough patience and gimp/photoshop.

===
"Give a man a fish and you feed him for a day.
Teach a man to fish and you feed him for a lifetime." -- Lao Tzu
"God helps those who help themselves." -- Benjamin Franklin
"Search is your best friend." -- Worldfallz

I am also looking for the best way of protecting images.

I know there is no technique to protect them 100%, but still is a request of my customer. I am just looking for a solution that will prevent 80% of my users to download the images, I don't mind if a couple of them manage to do it.

Has anyone found any module that will do the job?
Any technique recommended?

Thanks

I would like to share my experience to date.

A client who creates custom cake designs posts images on her site and wanted to stop other people from copying images. I have indicated that ultimately, if anyone wants to copy an image they can, using a variety of measures, including screen grabs, code hunting, etc.

However, she was unmoved.

We incorporated watermarking on all images. This was a good first step.
We also incorporate the following code at the template level:

  <script type="text/javascript">
    $(document).ready(function(){
      $("img").bind("contextmenu",function(e){
        return false;
      });
    });
  </script>

Which in most browsers prevented the rightclick and save function.

The feedback from the client has been very positive. Most casual users cannot get around this, and this was precisely the people she was targeting. I would also say that most of them wouldn't even know what a browser cache is.

For example, one potential client rang up and said 'I'm trying to save an image of one of your designs from your website, but I can't do it, can you send it to me?'. In many cases this would be to send to other competitors to get another quote on her own design, which is what we are trying to prevent. Because of the market, the combination of code and watermarking has achieved her requirements. The above example initated a conversation with the potential client, which turned into a sale. Bingo!

Of course we cannot measure exactly the failures of both technologies being incorporated (ie, individuals who were able to successfully download or screenshot images). However for the casual market out there, anecdotally, the combination has proved to be effective so far. Hope this has helped some.

I haven't tried this approach in Drupal, but did apply it on a custom PHP-built site some time back that wanted to prevent someone linking to their images directly from another site, and they didn't want to mar the images with watermarks. It's basically a single-use URL. It doesn't get around the "not copying" problem though (with the other guys about creative ways to get an image already downloaded to a browser), but did help with my client's very specific use-case.

1. When generating the IMG tag, generate a random MD5 hash, and associate it in the session variable with the image file desired.
2. Point the tag's src attribute to a PHP script (in this case probably a Drupal module that can return a "page") that takes the MD5 hash as a query string arg, e.g. http://example.org/image.php?id=9e107d9d372bb6826bd81d3542a419d6
3. Implement the image.php script to look up the "id" GET variable in the session to retrieve the real filename
4. Use some PHP magic in the script to manage the output buffers, set the MIME type, content length, and then pass through the raw image file content
5. When done, the script should unset the session var so the MD5 key is no longer valid for retrieving an image file

Again, this doesn't prevent copying, and still can be circumvented (use wget or similar to retrieve the raw HTML, then scrape the IMG tag's src attribute to retrieve the image once), but again we were addressing a less-technical userbase that wouldn't go to those lengths.

This worked for me with a little tweaking:

http://javascript.internet.com/page-details/no-right-click.html

Or this one is even better:

http://www.java-scripts.net/javascripts/No-Right-Click.phtml

project -> copyprevention