?
Solved

Best place to store uploaded files?

Posted on 2007-04-10
3
Medium Priority
?
203 Views
Last Modified: 2012-08-13
Hey I'm building an online file manager web app in ASP.Net, I wondering where the best place is to store the files uploaded by a user?

I have them at the moment stored in a folder outside the inetpub folder, at c:\files\filemanager\users\<username>\Root is that ok or is it best to store them in the webapp folder under inetpub?

If it is ok to store at the "files\user..." folder then I've another question. Any video files uploaded I convert them to flv & I was gonna store them in "c:\files\ConvertedVids\users\<username>\" but to play back the flv's I need to pass in a web address
Using FLVScrubber 2 http://www.topfstedt.de/weblog/?page_id=208 with the following embedded code:

<embed flashvars=""    src="http://www.yoursite.com/assets/scrubber.swf?file=http://www.yoursite.com/videos/yourvideo.flv&bufferTime=3&startAt=0&autoStart=false"
    allowfullscreen="true"
    type="application/x-shockwave-flash"
    id="FLVScrubber2"
    style="width: 323px; height: 283px;" />


So do I need to have the converted files stored in a folder under the webapp? Say <webapp>/convertedvids/<username>. How do I control it so only the user logged in gets to view only their vids? Wud I need a web.config for each <username> folder?

As I'm sure u guessed I'm very new to ASP.Net, thanks for any advise.
0
Comment
Question by:rebels_mascot
  • 2
3 Comments
 
LVL 12

Expert Comment

by:ullfindsmit
ID: 18883090
you can restrict access to files/folders based on user authentication on the web.config
0
 

Author Comment

by:rebels_mascot
ID: 18883155
So should I go down the <webapp>/convertedvids/<username> route and have a web.config for each <username> folder? As in I don't want userA to be able to see userB's videos by guessing a url, because I think I'll have to enter the video file name into the url so the embeded flv player knows what to play
0
 
LVL 12

Accepted Solution

by:
ullfindsmit earned 1500 total points
ID: 18883171
try changing the filenames to random numbers/strings or something along those lines... make it hard to guess.

The only way to make it a 100% safe is to save it under the wwwroot directory and write your own page to read from the file and stuff... which I believe would be fairly complex.
0

Featured Post

Hire Technology Freelancers with Gigs

Work with freelancers specializing in everything from database administration to programming, who have proven themselves as experts in their field. Hire the best, collaborate easily, pay securely, and get projects done right.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

User art_snob (http://www.experts-exchange.com/M_6114203.html) encountered strange behavior of Android Web browser on his Mobile Web site. It took a while to find the true cause. It happens so, that the Android Web browser (at least up to OS ver. 2.…
Introduction This article shows how to use the open source plupload control to upload multiple images. The images are resized on the client side before uploading and the upload is done in chunks. Background I had to provide a way for user…
This Micro Tutorial will teach you how to add a cinematic look to any film or video out there. There are very few simple steps that you will follow to do so. This will be demonstrated using Adobe Premiere Pro CS6.
Integration Management Part 2
Suggested Courses

571 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question