Welcome Guest, Not a member yet? Register   Sign In
CodeIgniter Forums Using CodeIgniter Best Practices Best place to put user uploaded files.
Best place to put user uploaded files.
  • Offline davecoventry
    Junior Member
  • **
  • Posts: 27
    Threads: 9
    Joined: Sep 2022
    Reputation: 0
#1
10-30-2022, 06:16 AM

When the user uploads a document, I've placed it in ROOTPATH."writable/users/userid/"
However, there is an image file located in the user's directory that I want to be able to display.
I don't want to give general access to the confidential files in the user's directory, but I need the url to be visible in the browser.
I suppose I could put the image file in /public/users/userid/image.jpg and leave the confidential content in writable.
What would be best practice?
~ Dave
Reply
  • Offline davecoventry
    Junior Member
  • **
  • Posts: 27
    Threads: 9
    Joined: Sep 2022
    Reputation: 0
#2
11-11-2022, 11:05 PM
(This post was last modified: 11-12-2022, 02:45 AM by davecoventry.)

Ok, this is what I'm doing.
In /public: preview.php
PHP Code:
<?php
 header("Content-Type: image/bmp");
 header("Content-Length: " filesize("/var/www/html/sites/example.com/writable/users/".$_GET['path']));
 $fp fopen("/var/www/html/sites/example.com/writable/users/".$_GET['path'], 'rb');
 fpassthru($fp);
?>
In my view.php file:
Code:
<img src="https://example.com/preview.php?path=<?php echo $userid;?>/image.bmp">
This is probably not best practice, but, security-wise, I can't see it being less secure than simply specifying the url of the image directly in the src of the img tag.
~ Dave
Reply




Theme © iAndrew 2016 - Forum software by © MyBB