|
|
Posted by alex on 12/17/05 04:16
Iain Napier wrote:
> I'd say this isn't a new problem! How have others achieved the same
> thing on their sites?
It may not be the easiest solution, but it is the most effective..
considering storing the files in a mysql database. Many people forget
you can easily store and retrieve binary data from the db. This way,
you can highly control when and if the data stream is sent to the user
from the db, and it's nearly impossible for anyone to get data out of it
without properly authenticating via your scripts.. using this method,
there is no direct http path to the file.
Secondly, you can store the files outside of the webroot.. sounds like
you're using shared hosting here, so instead of putting the files in
your public_http, put them somewhere else, then your download script
just sources that file, whereever it is (fopen) and sends it..
--
alex ~ alex@aeshells.org ~ www.aeshells.org ~ www.aeirc.net ~
USER, n.:
The word computer professionals use when they mean "idiot."
Navigation:
[Reply to this message]
|