I have a web application and I want to save data in a file instead of in the database.
My doubt is, where I should save the file? If I save it under the public directory, I could refer them with the assets to make the correct URL, but in the public directory, any person could see the file writing the complete URL. This shouldn't be because de data is reserved.
I think about the var directory, but I couldn't use the assets to make the correct URL to get or manage the files.
Where I should save the files and how I get/manage them?
If the data-file is local and hosted on the server's file system, the most logical place to store something like that would be the var directory. Although nothing stops you from creating your own "var-like" directory and naming any way you like it. E.g. data. But I would follow the conventions and create var/data, easier for everyone.
That you can't use the asset() function is irrelevant, because a data-file is not a web asset, but an infrastructure concern.
A file like this should not have a URL at all, but you would only access it through it's file system path.
Related
In Service Cloud (FKA RightNow) Customer Portal, isn't the "assets" folder writable?
I'm trying to upload a file to a subfolder inside the "assets" folder but I seem to be running into permission issues. The code I'm using is:
$file_name = "File_".time().".txt";
if(move_uploaded_file($_FILES['upload']['tmp_name'], HTMLROOT . '/euf/assets/uploads/text/'.$file_name))
{
header("Location: /app/read_file/file_name/".$file_name);
exit;
}
This is throwing an error which states:
Access to move_uploaded_file is denied because its trying to access restricted folders in ......
Is there no way to save the uploaded file into the "assets" subfolder via PHP?
EDIT:
The destination seems to be correct as if I use:
echo HTMLROOT . '/euf/assets/uploads/text/'.$file_name
it prints:
/vhosts/sitename/euf/assets/upload/text/File_1480674311.txt
So the correct filepath is being referenced but somehow the framework is not allowing me to save it in there.
Update
The use case is such that via the CP, a person will upload a CSV/TXT file. This file would contain contact info (name, email etc) which will then be read (at a later stage) to create contacts in OSvC. This would be a recurring process, perhaps twice or thrice a month.
Since the reading of the file will not happen at the time of upload, storing the file someplace is the ideal solution.
Correct, the folders are protected by user permissions that are enforced by WebDAV and the file system. And, the assets folder is not intended to be a file storage mechanism for uploads as you are using in this capacity.
Is there a reason that you are placing files in assets as opposed to attaching them to incident or contact objects that would be within the context of someone operating within Customer Portal?
If you're looking to build some sort of content management into Customer Portal, then I'd suggest using a separate product for file storage that provides an API where you can manage files with more granularity, like Oracle Cloud Data Storage, where you can then serve these files from in CP.
Storing contact records or any other sensitive data in assets folder is VERY BAD PRACTICE. These files are open to public as any other files stored in assets folder - css, js, images...
There are other folders in the file structure that are much better for this purpose. They are only accessible from the code level.
Are you by any chance on v16.8?
I have created an upload folder at the same level of app and storing uploaded files there. Now I need to access those file via browser so need to have an http:// based address.
First, am I doing right? What are Laravel 5.1's recommendation? Where should files be stored? If no recommendation then how do I get ULRs?
Store the files within your public folder create uploads folder and then you can simply access from there using asset() function like as
asset("uploads/your_file")
You can use Request::root() to get the root URL of your website and then simply use Request::root()."/uploads/your_file"
I'd like to put my images/assets in folders at the same level as my application directory, but every I try to link to an image, I get this error:
Forbidden
You don't have permission to access (my base url)images/myimage.jpg on this server
This how I'm trying to access the image in my view:
<img src="<?php echo base_url(); ?>images/myimage.jpg">
Is this an issue with my routes.php? I haven't really touched it, nor have I created a .htaccess file.
If the issue is that I haven't told it how to handle the base_url + some_asset_folder, where and how do I go about configuring that? I only know how to tell the routes to use a particular controller class and method, not to access a particular directory.
I'm new to PHP frameworks and a new to CodeIgniter – any help is much appreciated! Thanks so much.
The best way to keep your images, stylesheets, javascript, uploads etc. files are separate from the application. Create a folder assets in the root folder that contains application and systems.
So it'll contain the folders application, assets, system etc.
Add folders inside assets -- images, css, js, uploads etc.
and you can access it using
<img src='<?= base_url() ?>assets/images/image.jpg' />
This would probably be the best way to do it. This is what I've been doing for my applications, so for me this is the best way. Hope this helps.
Please check your .htaccess file that might be causing problems .
Allow your file types in .htaccess .
If you have CI installed outside of your public http web folder, you will not be able to access your images directory through a browser due to server permissions. One way around this would be to create a controller to fetch and serve the image file.
How do you store files that are to be used in a class.
For example the class file itself, then images used in that class. Or do you not use images in the class, but just return an output to the main page which in turn uses the images?
Recently I have been problems deciding whether to put the images used by a class in the global directory for the website or to create its own directory. This has just stricken me as I realised that a class such as for image manipulation or db manipulation can be used with other projects and it might be hard to try and find the related images in the global folder when migrating them.
So how do you store the images used in your classes? Or do you not return a printed output ever from a class?
The programming language used in this case is PHP.
Images are stored in a separate folder. For one, images must be reached by the client (browser), while the php files (except for a couple that are actually used in urls) can be kept outside the document folder.
The exact path of images and others files is stored in a configuration. This is just a small PHP file that keeps a list of settings. You should not hardcode the path to your images folder in your classes.
this is the structure I use
/includes
All the clases that you have
/logs
Log files
/public_html
All the pages visible to the user
/css
/javascript
/images
You can have a config.php file where you have something like this
define("LIB_PATH", '/includes/');
define("IMG_PATH", '/public_html/images/');
etc.
That gives you the benefit of using absolute paths in a short, simple and understandable way
I have a folder (folder_1) that is protected by htaccess/htpasswd files. Inside that folder is another folder (folder_2) that is protected by another couple of htaccess/htpasswd files.
When a php-script in folder_1 or folder_2 is called, the user has to authenticate herself using the correct username and password as specified in the respective htaccess/htpasswd files. This works as intended.
However, as soon as the php-script in folder_2 tries to refer to another script or a css-file that is located in folder_1, the user must enter username and password for folder_1 as well.
Is there a way to avoid this that does not involve copying scripts and css-files from folder_1 to folder_2?
Regards,
Ralf
Unfortunately not; as simply enough, any requests from a particular directory use the rules defined in its own htaccess/htpasswd files. However, I can recommend that you put support files in a tertiary folder, so that you don't have to have a copy in each folder (put css and js in a "folder 3" of sorts).
You can achieve this using access rights, see here under "Checking access rights" about half way down the page. The results is only one login required by a user.
http://www.htpasswdgenerator.com/apache/htaccess.html
I've spent a half day looking into this as it would be an ideal solution for my staging server.