Torquil Beavis
asked on
How to make upload folder private
How do I make user-uploaded files private if I don't have a private folder? I use a shared remote linux host.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
So, does this mean I do not have access to a private folder?
And what server-based process would be needed to stream the image?
So if I had a private folder where uploads landed, then I could test the uploaded file, and if it passed, then have PHP read the file and write it to one of my web folders?
And what server-based process would be needed to stream the image?
So if I had a private folder where uploads landed, then I could test the uploaded file, and if it passed, then have PHP read the file and write it to one of my web folders?
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Let's see if I understand this correctly.
If I had a private folder where uploads landed, then I could test the uploaded file, and if it passed according to my standards, my PHP script could read the file and write it to one of my web folders, then insert the address and filename into the db? LIkewise, if the user wanted to update the image, except it would be a db update.
If I had a private folder where uploads landed, then I could test the uploaded file, and if it passed according to my standards, my PHP script could read the file and write it to one of my web folders, then insert the address and filename into the db? LIkewise, if the user wanted to update the image, except it would be a db update.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
1. So, I take it that from the folder structure above, that I do not have a private folder (even though it shows 'public_html')?
2. If 1. is true, then the issue is, firstly, whether I can get a private folder, and secondly, what process I can discover that will allow a move from that private folder to the public folder. Right?
... Hold it: I just read this: "The public_html folder is the web root for your primary domain name. This means that public_html is the folder where you put all website files which you want to appear when someone types your main domain (the one you provided when you signed up for hosting)." When you talk about 'root', are you talking 'web root' or the one that has the web root as one of it's folders? And if the root we are discussing is web root, then surely I can create a private folder above 'web'?
2. If 1. is true, then the issue is, firstly, whether I can get a private folder, and secondly, what process I can discover that will allow a move from that private folder to the public folder. Right?
... Hold it: I just read this: "The public_html folder is the web root for your primary domain name. This means that public_html is the folder where you put all website files which you want to appear when someone types your main domain (the one you provided when you signed up for hosting)." When you talk about 'root', are you talking 'web root' or the one that has the web root as one of it's folders? And if the root we are discussing is web root, then surely I can create a private folder above 'web'?
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I can create/assign chmod via ftp or ssh.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I selected my own comment as the solution since the expert advice needed me to do more work in determining that a private folder could be created outside the /web folder which turned out to be the web root. Consequently, the solution was to handle upload data and files through a script in the web folder which has access to the private folders while users may not.
Thanks arnold. Your help is much appreciated.
Thanks arnold. Your help is much appreciated.
ASKER
I use a web host that has a shared host server running apache, remote from me. I have no access to the host except through ftp and ssh.
Here is the folder structure where [sc] = shortcut symbol:
Open in new window
Apparently, most hosts allow access outside the root for private folders, this being more secure than inside the root.Incidentally, my web app is in PHP/MySql, and images that I intend to have users provide will be .jpg, .png, and .gif. These images would be stored in the private folder and pointed to by db entries, since storing the images would use too much db space.