Web development
JackShcherbakov, 2018-04-21 18:14:38

How can I access photos that are outside the web document tree?

Hello colleagues! I recently encountered the following problem, which I have been struggling with for several days now:
There is a website builder. All user files that they create and edit are stored outside the web document tree. To preview or edit a file, an intermediary PHP script is used. This script includes the required file (in our case, the preview/edit file) and also prevents users from accessing other users' files, while the main code includes this same script.
But the problems start when the user wants to add an image to their site. Suppose a file (which, I repeat, is located outside the web document tree) contains the following line (as a result of a user uploading a photo, and adding a photo to the user's project directory through a special interface):
<img src='photo.jpg'>
And here is the most interesting part.
Let's say the user's project directory looks like this (outside the web document tree):

  • photo.jpg
  • index.html

And this is what the directory containing the files for previewing the user file looks like (recall that these files include user files, and these same files can also be included (using an include or an iframe)):
  • preview.php

When preview.php is run (with the necessary parameters, of course), it will find that the output contains an invalid link (photo.jpg).
So, how does one implement a mechanism that would not have the above problem? Is it possible to make any amendments to the existing system to solve the problem? How would you do it?
It is very important to isolate users from each other somehow. I mean security: through a browser (and without proper authorization) it should simply be impossible to get access to users' files.
Many thanks in advance to everyone who helps


2 answer(s)
Stalker_RED, 2018-04-21
@JackShcherbakov

Instead of <img src='photo.jpg'>
use <img src='userphoto.php?user_id=42'>
Inside this userphoto.php:

$user_id = (int) $_GET['user_id'];
...
// user_can_view_photo() stands for your own access check (a placeholder, not a PHP built-in)
if (user_can_view_photo($user_id)) {
  $file = "/path/to/user/folder/photo.jpg"; // the user's folder, outside the document tree
  $type = 'image/jpeg';
  header('Content-Type: ' . $type);
  header('Content-Length: ' . filesize($file));
  readfile($file);
} else {
  http_response_code(403); // answer with 403, not a 200 carrying an error text
  echo "нет прав - нет и фоточек!";
}

Oleg, 2018-04-21
@402d

nginx x-accel-redirect
For example, /userfiles/1.jpg is wrapped via .htaccess in a script that determines the client id from the domain/subdomain name and works from that.
Then we check who can see the file (everyone or only the user), we check the authorization and that he is the owner, and we give the X-Accel-Redirect directive or a 403 error.
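As an added example (not code from either answer), here is one userphoto.php that combines both approaches: it checks that the requested owner is the logged-in user, refuses file names that could escape the user's folder, and then either hands the file to nginx with X-Accel-Redirect or streams it with readfile(). The layout USER_FILES_ROOT/<user_id>/<file>, the `file` query parameter, the $_SESSION['user_id'] key and the nginx location name are assumptions.

```php
<?php
// Added example, not code from either answer: one userphoto.php that serves
// <img src='userphoto.php?user_id=42&file=photo.jpg'> from outside the web root.
// Assumed: files live in USER_FILES_ROOT/<user_id>/<file>, and your login code
// stores the logged-in user's id in $_SESSION['user_id'].
declare(strict_types=1);
session_start();

const USER_FILES_ROOT = '/srv/builder/userfiles';   // outside the document tree
const USE_NGINX_ACCEL = false;                       // true when nginx fronts PHP with
// location /protected-userfiles/ { internal; alias /srv/builder/userfiles/; }
const NGINX_INTERNAL_PREFIX = '/protected-userfiles';
const ALLOWED_TYPES = ['jpg' => 'image/jpeg', 'jpeg' => 'image/jpeg',
                       'png' => 'image/png', 'gif' => 'image/gif'];

function deny(int $code): void
{
    http_response_code($code);
    exit;
}

// 1. Authorization: the requested owner must be the logged-in user.
$user_id = filter_input(INPUT_GET, 'user_id', FILTER_VALIDATE_INT);
if (!is_int($user_id) || (int) ($_SESSION['user_id'] ?? 0) !== $user_id) {
    deny(403);
}

// 2. Input validation: a bare file name only (no "../" or slashes) with an allowed type.
$name = (string) ($_GET['file'] ?? '');
$ext = strtolower(pathinfo($name, PATHINFO_EXTENSION));
if ($name === '' || $name !== basename($name) || !isset(ALLOWED_TYPES[$ext])) {
    deny(404);
}

// 3. Resolve the real path and confirm it is still inside this user's own folder.
$user_dir = realpath(USER_FILES_ROOT . '/' . $user_id);
$path = $user_dir === false ? false : realpath($user_dir . '/' . $name);
if ($path === false || !is_file($path) || dirname($path) !== $user_dir) {
    deny(404);
}

// 4. Hand off: let nginx stream the file via X-Accel-Redirect (Oleg's answer),
//    or stream it from PHP with readfile (Stalker_RED's answer).
header('Content-Type: ' . ALLOWED_TYPES[$ext]);
if (USE_NGINX_ACCEL) {
    header('X-Accel-Redirect: ' . NGINX_INTERNAL_PREFIX . '/' . $user_id . '/' . $name);
} else {
    header('Content-Length: ' . filesize($path));
    readfile($path);
}
```

The dirname() check in step 3 also catches a symlink inside the user's folder that points outside it, which basename() alone would not.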
