Solved

PHP MySQL/Folder - Protected file system

Posted on 2014-02-21
3
800 Views
Last Modified: 2014-02-21
Hello Experts,

I need an advice.

I know that the best way to upload and save files in a website is to upload them to a folder and save the file and link information in the database. Is simple and cheap when come to web-hosts (disk space is cheaper than paying for big database).

But i need to upload and protect video files. The website i'm building for my client will have files as the product do sell so.. i can't leave them open to download.

What's the best approach? store the files inside a blob field in mysql right?
.htaccess will not be practical or possible for this i think..
Or maybe there is a good service for this kind of features i don't know?..

Thx in advanced
0
Comment
Question by:justaphase
  • 2
3 Comments
 
LVL 51

Accepted Solution

by:
Julian Hansen earned 500 total points
Comment Utility
store the files inside a blob field in mysql right?
Not necessarily

Store them outside the webroot and stream them with script

Your request would look something like

mydomain.com/?video=0c241b1f-ec3e-1031-bf66-32903d7ec359

The key links to a DB record that contains the path to the file

You do your validation and check the person has the right to access the file and then do something like this

// construct $filepath here
header('Content-type: video/mpeg');
header('Content-Length: '.filesize($path)); // provide file size
header("Expires: -1");
header("Cache-Control: no-store, no-cache, must-revalidate");
header("Cache-Control: post-check=0, pre-check=0", false);

readfile($filepath);

Open in new window

More info here on how to construct streaming / download code
How to use the Apache x-sendfile module
http://www.jasny.net/articles/how-i-php-x-sendfile/

A sample file streaming script
http://www.devshed.com/c/a/PHP/Video-Streaming-PHP-Script-Tutorial/3/

A very comprehenisve file streaming script with range checking
http://stackoverflow.com/questions/157318/resumable-downloads-when-using-php-to-send-the-file
0
 
LVL 1

Author Closing Comment

by:justaphase
Comment Utility
Thank you :)
0
 
LVL 51

Expert Comment

by:Julian Hansen
Comment Utility
You are welcome - thanks for the points.
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

Suggested Solutions

Things That Drive Us Nuts Have you noticed the use of the reCaptcha feature at EE and other web sites?  It wants you to read and retype something that looks like this.Insanity!  It's not EE's fault - that's just the way reCaptcha works.  But it is …
This article discusses four methods for overlaying images in a container on a web page
Learn how to match and substitute tagged data using PHP regular expressions. Demonstrated on Windows 7, but also applies to other operating systems. Demonstrated technique applies to PHP (all versions) and Firefox, but very similar techniques will w…
The viewer will learn how to dynamically set the form action using jQuery.

772 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now