I need to upload pdf and word documents to my web server so that users, once they are logged in, can view them.
I am not sure if stuffing these docs into a MySQL database is the best way to do this or if I should just store the link to the file in the database.
My fear with the second option (just storing the link) is that someone will stumble across the document who is not logged in and, therefore, not authorized to view it.
Is there a way to keep someone from stumbling across these documents? Should I even be worried about this if I store the docs several directories deep?
Any help would be GREATLY appreciated! Thanks!!