|
|
Posted by Iain Napier on 12/17/05 04:48
alex wrote:
>
> It may not be the easiest solution, but it is the most effective..
> considering storing the files in a mysql database. Many people forget
> you can easily store and retrieve binary data from the db. This way,
> you can highly control when and if the data stream is sent to the user
> from the db, and it's nearly impossible for anyone to get data out of it
> without properly authenticating via your scripts.. using this method,
> there is no direct http path to the file.
This certainly sounds the most secure option. Is this likely to give
the server much of a performance hit?
> Secondly, you can store the files outside of the webroot.. sounds like
> you're using shared hosting here, so instead of putting the files in
> your public_http, put them somewhere else, then your download script
> just sources that file, whereever it is (fopen) and sends it..
This is interesting.
However FTP'ing into the server dumps me chroot'd in wwwroot so I can't
directly upload files elsewhere, perhaps a PHP script would allow me
access to some other directories on the server though? (Is this likely?)
If I could execute a shell script from PHP to create another directory
and move uploaded files to it that could be a workaround.
I'll rustle up a script tomorrow to test it (It's nearly 3am!)
Navigation:
[Reply to this message]
|