Thread:Project:Support desk/Prevent unregistered users from viewing files, even if they know the URL/reply (2)

The files aren't even secured via obscrutiny that well (The random numbers are actually the first two digits of the md5 sum of the files name).

>"A PHP script that must be used to retrieve images and can dectect the login cookie would be better but I don't know of anyone that may have/be able to write such a script."

Actually we provide such a script (img_auth.php) with MediaWiki. See Manual:Image_Authorization