Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Question] Access to files stored in non public folder #860

Open
joancipria opened this issue May 8, 2017 · 6 comments
Open

[Question] Access to files stored in non public folder #860

joancipria opened this issue May 8, 2017 · 6 comments

Comments

@joancipria
Copy link

Hi. First, thanks you for this beautiful framework. I really love it! Here is my question:

My users upload some sensible files to the server. This is working perfect, I've created a "docs" folder in the root of the project and when somebody upload something, it goes there.

Now my problem, I want to access this files (img, pdfs) via the admin user. The main problem is that the files are in a non public folder. I know there should be a very easy way, but I don't know it.

Any idea?
@joancipria joancipria changed the title [Question] Acces to files stored in non public folder [Question] Access to files stored in non public folder May 8, 2017
@panique
Copy link
Owner

panique commented May 8, 2017

Hi, thanks ! :) Good to see that this little framework is useful for you!
Can you say how exactly you want to access these files ? More like viewing or editing them or downloading them ? Do you have like 1 or liek 50 admin users ?

@joancipria
Copy link
Author

I was thinking more on a direct link to the resource for viewing it in a new tab or a download link. What is the easiest way? I can adapt the platform, it doesn't matter for me. About admin users, I have more than 1, around 7-8 more or less.

@MirazMac
Copy link

Why don't you just place the folder inside the public directory. Since all the request routes to the "public/" directory, if you place the "docs" the folder inside the public folder anyone will be able to access it via http://yoursiteurl.ext/docs/

Hope that helps :)

@joancipria
Copy link
Author

Hi @MirazMac and thanks you for your answer! Because this files contain sensible information about users's personal life (we are talking about personal documents) I must protect it from public users. Only the people who is requesting this information (admin users in this case) can access it. That was the reason why I created the "docs" folder outside of the public folder. It was my "first" idea, but my problem is that I don't know how to acces them via admin users, so maybe my "solution" is not the best. Thanks you so much for your attention, I really appreciate your help!

@sr-verde
Copy link
Contributor

Store your data somewhere and access them via a php-file, e.g. like described here: http://www.media-division.com/the-right-way-to-handle-file-downloads-in-php/

You should build it inside the framework, of course, and validate if the user is admin.

@joancipria
Copy link
Author

joancipria commented May 11, 2017
edited

Great solution! It worked for me @sr-verde ! Excellent post it really helped me a lot to write my download handler php script in the right way. Thanks you so much guys! @sr-verde @panique @MirazMac. I'm so glad with your help!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@panique @sr-verde @MirazMac @joancipria