I'm planning an application. The application serves a lot of images. Because I want images to be only available to those with a password and at the same time I want to avoid the hassle of htaccess and htpasswd files my plan is to store images outside the web directories and serve them using readfile.
My question is: how much of a performance difference might there be in using readfile() than having Apache serve the files directly? I just don't know enough about how Apache and PHP work to know if my plan is sensible or not.
OK. So I've done some browsing around on this site and some people do suggest using readfile() as a way of 'securely' serving images - which can now be stored outside the web root. I just have this feeling there must be other options between this and htpasswd. (Thanks for the comment below from Pekka about x-sendfile. It is just that in this case that isn't an option).
Thanks
The problem is i like PHP but its not the fastest programming language for such things. When you really need performance you should take a look at HipHop from Facebook to compile your files to native C.
I don't know the size of your site but readfile() and file_get_contents() could be very slow and take a lot of memory when you have a lot of requests.
But this is only possible when you have root access.