I guess my collegue would have preferred that you sent him a note that you currently have no time to collect details because of work load... At least I personally would have expected that.

To your two questions:

1. You can store the main albums folder with the full images outside the webroot (Note: Multimedia files will not work) but not the cache folder (if someone views it he got it already anyway). You can protect all using proper robot.txt and htaccess though. Or just htaccess password protect the whole page.

2. There are two plugins "quota_manager" and "image_upload_limiter".

@acrylian: I did email him, but he did not respond. I will try again.

"You can protect all using proper robot.txt"

Could you give an example of proper robot.txt?

"Or just htaccess password protect the whole page."

Do you mean password protect the whole page? Or password protect the htaccess?

Regarding robots.txt recommended read: http://www.robotstxt.org/

I meant using a htaccess password which is the only way to really protect a site. You then need a password to access the site itself. The Zenphoto password blocks only the access via the site itself, not the access direclty or to images.
Recommended read: http://httpd.apache.org/docs/1.3/howto/htaccess.html

As I recall, we did have an email converstion about your request which was left last mail I saw that you would either work out a statement of requirements or hire me on time-and-materials to help you do so.

That is the last I heard from you. I doubt that your response got put in the spam bin since none of your previous mails did, and I do peruse the spam file for false positives. But maybe you changed you email address and used a spam sounding subject. If so, resend your last communication.

You got mail.

I got your mail. I have responded. Bottom line, this is not a statement of requirements. You need to be explicit of what you want done for you.

@sbillard - Lets move the discussion of requirements offline.