FILE UPLOAD FOLDER PERMISSION 777 |
[eluser]Unknown[/eluser]
In CI user guide there is such line: Quote:You'll need a destination folder for your uploaded images. Create a folder at the root of your CodeIgniter installation called uploads and set its file permissions to 777. How secure is it when I am developing real web application? For example: social network and I want to upload user's profile pictures. I think I will have privacy problems when user's will want to upload private pictures.
[eluser]LuckyFella73[/eluser]
It's more or less up to you where the file is uploaded to. The advice taken from the userguide is just to make the example to work. If your images need more privacy you can store them in a folder where they can't be accessed via url. For the output you can write a script that reads the files and render them without showing the source depending on the logged user.
[eluser]Harold Villacorte[/eluser]
Here is a quick and easy way to protect a public image folder. Put this code in index.php in the image directory. As you can see a certain cookie is required to access the script: Code: <?php if (!isset($_COOKIE['your_access_cookie'])) exit ('No direct script access allowed'); Code: DirectoryIndex index.php If you have not done so yet try writing a secure file service application using CI's XML-RPC class. It is a worthwhile effort. |
Welcome Guest, Not a member yet? Register Sign In |