Welcome Guest, Not a member yet? Register   Sign In
How to access images under writable folder
#1

Hi there,

I have uploaded images in writable/uploads folder. But now I am trying to access the file and showing using <img> tag, its not showing. When I try to access the file in the browser directly, it shows 403 error. Any help would be appreciated.

Thanks
~Muzammil
Reply
#2

You need to upload them to /public/uploads or make a PHP-reader that reads the image from writable/uploads and outputs it to the user, with a correct mime type.
Reply
#3

(08-04-2020, 12:09 PM)jreklund Wrote: You need to upload them to /public/uploads or make a PHP-reader that reads the image from writable/uploads and outputs it to the user, with a correct mime type.

Okay so I guess I will upload images to public folder. Thank you !
Reply
#4

I’m a fan of symlinks (assuming you aren’t on Windows). Just create a symlink in public to the uploads folder. This also helps you keep your folder permissions consistent. Obligatory warning to use good security when making uploaded files accessible.
Reply
#5

(This post was last modified: 08-07-2020, 12:04 AM by John_Betong.)

The writable folder should be used for temporary and/or transient files. Everything inside should and can be deleted.

Images used in a common layout should be in public/assets/imgs folder and be immediately accessible by the browse either by including or called directly by a URL.

Abusing the convention requires additional scripting to bypass the folder intentions.

Edit:

Please explain how the images were uploaded: "I have uploaded images in writable/uploads folder."
Reply
#6
Thumbs Up 

(08-06-2020, 03:05 PM)John_Betong Wrote: The writable folder should be used for temporary and/or transient files. Everything inside should and can be deleted.

Images used in a common layout should be in public/assets/imgs folder and be immediately accessible by the browse either by including or called directly by a URL.

Abusing the convention requires additional scripting to bypass the folder intentions.

Edit:

Please explain how the images were uploaded: "I have uploaded images in writable/uploads folder."

Thank you for the reply. I have fixed the issue by uploading the files now in "public/uploads" folder. I understand now that writable folder should not be used for public files. Thanks!
Reply
#7

Quote:The writable folder should be used for temporary and/or transient files. Everything inside should and can be deleted
That is not a given, and is up to the developer. The goal of the writable folder is to be writable. By convention files added here are exempt from repo storage, so it is also a good place to store user/environment/temp files, but there is no issue with keeping uploaded content in place there and serving it out via symlinks or a media reader.
Reply
#8

assuming you upload the images in the upload folder, you should have a route like:
```$routes->match(['get', 'post'], 'imageRender/(Confusedegment)', 'RenderImage::index/$1');```
and then a class to return the image. it should have something that verifies if user is logged or some kind of verification to prevent averybody from seeing the image (otherwisee defeats the purpose of all this and you would be better just putting the images in the public folder). something like this:
```
<?php

namespace App\Controllers;

use CodeIgniter\Controller;

class RenderImage extends Controller
{
public function index($imageName)
{
if(($image = file_get_contents(WRITEPATH.'uploads/'.$imageName)) === FALSE)
show_404();

// choose the right mime type
$mimeType = 'image/jpg';

$this->response
->setStatusCode(200)
->setContentType($mimeType)
->setBody($image)
->send();

}

}
```

and in the view the image would be something like this:
```<img src="/imageRender/restaurant_imgs/<?= i$mage_name ?>" alt="image">```
Reply
#9

just to clarify , you upload images to a directory and simply want to "see them" in a view using <img src = . Is that correct, you don't want to access them to work on them?


for an image in writable to be seen in a view, in view it would be :
Code:
<img     src = "<?php echo WRITEPATH.'imagename.jpg'); ?>" >

you can upload images using a form with in form:

Code:
<?= form_open_multipart('name_Of_route_Post_IS_GoingTo'); ?>

in controller named by route get name image:

Code:
$file =   $this->request->getFile('productImage');
        $nameImgFile= $file->getName();

then using FILE you can do:

Code:
$file->move(ROOTPATH.'public/productImages',$nameImgFile);
Reply
#10

(This post was last modified: 03-30-2022, 08:24 AM by dgvirtual.)

(08-04-2020, 12:09 PM)jreklund Wrote: You need to upload them to /public/uploads or make a PHP-reader that reads the image from writable/uploads and outputs it to the user, with a correct mime type.

To resurrect a theme: I need to make some uploaded files available only to logged-in users.

I guess one way to do that would be to put the upload files into a public directory while rewriting their names into some md5 string, like nice-picture_a03384874133c262676aab57fecb8ced.jpg , so that without a link pointing to it there would be no easy way to get the image.

But I see you also suggest to "make a PHP-reader" - could someone point me in the right direction on how that is to be done? What would be the-codeigniter-way of allowing access to files outside public directory?

I have found this code example online, is it the way to go? I imagine it would go into some controller that would be provided as src link with the name of the file I want to provide as first argument (segment) after the controller name in an html page...

PHP Code:
$file '/absolute/path/to/file.ext';

if (
file_exists($file)) {
    
header('Content-Description: File Transfer');
    
header('Content-Type: application/octet-stream');
    
header('Content-Disposition: attachment; filename='.basename($file));
    
header('Content-Transfer-Encoding: binary');
    
header('Expires: 0');
    
header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
    
header('Pragma: public');
    
header('Content-Length: ' filesize($file));
    
ob_clean();
    
flush();
    
readfile($file);
    exit;

==

Donatas G.
Reply




Theme © iAndrew 2016 - Forum software by © MyBB