So I have my own webserver now and am hosting a website. I have made a basic screenshot to FTP. It copies the link once uploaded and I'm going to be adding randomized folders e.g /push/eqw8/woeqwe.jpg like puush does.
However, this is not my question. I was wondering how I would be able to grab all folders and images from those folders and create a table like this http://puu.sh/oEyfP/783483492c.png or http://puush.me/account in order from upload date. And then it shows in oderder of date uploaded.
I just wanted to do this because I feel more secure and its a fun project doing it.
How would I get about making this.
can you tell me like what I need to do in words?
I'm not good with web development and only good with languages like c# and such.
Learning php and html atm and its pretty basic but I still need time to learn.
At first it depends on your php skills about how much you can think / do in php.
The main thing you need here to order the files / folders by date or manage them at much professional level , you have to use Mysql database and store Files and Folders information inside the database.
For example , let say you have a Image file extension .jpeg then store it's information about :
Extension File size Parent Folder Uploader id / IP Upload Date Unique random key mime type Random name Original name
And there are many other things you need to consider
Files that are being stored by users should be scanned and non executable from the browser.
Store them in random folders with random names so no body can find the way to the file.
You can use javascript/ ajax for uploading multiple files at the same time.
You can make the files non executable by removing their extensions and saving them inside a folder without their original names and save their original names and extensions inside the database along with random string name and the folder name where it was stored so your system can identify the file and you can show your users the file and then on download you can replace the name with original one along with extension.
this is a one of my projects i have created , if you want you can check it out: Buckty
About any other information you need , you can ask me below in comment.
Related
Since I am just experimenting on this, (only localhost) I may like to ask for some ideas(since nothing is really coming out of my mind) about letting a user, who is going to, for example, register to a mini-social-networking site, with a corresponding username/password, personal details, etc. I would upload the image, and save it to a folder(ON MY HARD DRIVE be it Drive C:\ or D:), for example '/images/username' and the full path of the folder would be the one inserted to a row named img_dir (of course it is a string, instead of putting it as a BLOB, so later i would just use img src="path"). I would not mind where it will be going to be saved. But since I am new to cakephp i haven't really grasped the idea of what I am going to do. I have no problems about registering/login sessions. This was easy in C# but I am too stupid for PHP maybe? :P
While this may not give you a direct solution in CakePHP, you had asked for some ideas.
I've outlines some pros and cons of storing a file on the filesystem (along with some other approaches) in this post.
Hope that helps...
I've written a complete plugin for that kind of task and it's more thought through then just the idea of saving the file path.
A file has some more meta data like it's size and mime type which is useful when the file is served. So an uploaded file should be handled as an entity of it's own. I personally think it is a bad idea to directly save the path to a file within the record it belongs to. What happens if you need two images later? Adding incrementing fields like path1, path2?
It is IMO better to have a separate table for files and associate records with these file records. Expressed in CakePHP associations: User hasOne Avatar or Gallery hasMany Image for example.
Also saving files in path like this uploads\username1\pic.jpg can result in slowing down the app because of file system performance issues if you get a lot directories and files within the same level of the file system.
However, check my plugins readme.md out, there is more about why it does things like it does to solve different kinds of issues you can run into.
What are some ideas out there for storing images on web servers. Im Interacting with PHP and MySQL for the application.
Question 1
Do we change the name of the physical file to a000000001.jpg and store it in a base directory or keep the user's unmanaged file name, i.e 'Justin Beiber Found dead.jpg'? For example
wwroot/imgdir/a0000001.jpg
and all meta data in a database, such as FileName and ReadableName, Size, Location, etc.
I need to make a custom Filemanager and just weighing out some pros and cons of the underlying stucture of how to store the images.
Question 2
How would I secure an Image from being downloaded if my app/database has not set it to be published/public?
In my app I can publish images, or secure them from download, if I stored the image in a db table I could store it as a BLOB and using php prevent the user from downloading it. I want to be able to do the same with the image if it was store in the FileSystem, but im not sure if this is possible with PHP and Files in the system.
Keeping relevant file names can be good for SEO, but you must also make sure you don't duplicate.
In all cases I would rename files to lowercase and replace spaces by underscores (or hyphens)
Justin Beiber Found dead.jpg => justin_beiber_finally_dead.jpg
If the photo's belongs to an article or something specific you can perhaps add the article ID to the image, i.e. 123_justin_beiber_found_dead.jpg. Alternatively you can store the images in an article specific folder, i.e. /images/123/justin_beiber_found_dead.jpg.
Naming the files like a0000001 removes all relevance to the files and adds no value whatsoever.
Store (full) filepaths only in the database.
For part 2;
I'm not sure what the best solution here is, but using the filesystem, I think you will have to configure apache to serve all files in a particular directory by PHP. In PHP you can then check if the file can be published and then spit it out. If not, you can serve a dummy image. This however is not very efficient and will be much heavier on apache.
I was wondering what would be the good way to organize documents in a filesystem for my php/mysql application. All info of the docs are stored in a db i am curious about filesystem organization. Is this good way to do it? Is there a better way?
Main folder
/documents
One folder per client
/documents/client1
Documents are uploaded here per client
/documents/client1/queue
After users fill the form docs are saved to a database and moved in this folder
/documents/client1/docs
Original and filesystem names of the document are stored in a database and filesystem name is something like md5($time.$filename.$client_id) and the document path looks like this
/documents/client1/docs/6f99caa11e78697612d8f1b4481cd76a.pdf
I need (minimum) first page of pdf for the thumb and auto barcode reading from the first page
/documents/client1/docs/6f99caa11e78697612d8f1b4481cd76a/6f99caa11e78697612d8f1b4481cd76a-0.gif
I also have
/documents/client1/scan
where files from the scanner goes so users can import them in the database and after that they are renamed and moved to:
/documents/client1/docs
I wonder if i should put files for specific date in a date folder like this:
/documents/client1/docs/20110915/6f99caa11e78697612d8f1b4481cd76a.pdf
Or should i use completely different folder structure?
Why not using only one common folder for temporary (uploaded) files ? It could make maintenance routine easier (for example deleting all old files).
I wonder if i should put files for specific date in a date folder like
this:
/documents/client1/docs/20110915/6f99caa11e78697612d8f1b4481cd76a.pdf
If the date is handled by your database it's needless. Nevertheless if for some reason you need to access this file manually (not using your interface) it could be helpful...
Last but not least be aware of your filesystem's limitation. On some filesytem/os you could have a limitation on the number of file per folder (huge but still).
I would prefere a structure that hash the file organisation according to the file name.
/documents/6/f/9/6f99caa11e78697612d8f1b4481cd76a.pdf
This will keep good file access and its easy to make the structure deeper if needed.
The problem with using the date as a directory, is that the file location is dependant on some information that may change (we never know!)
I am making the small finance management website in php. I have to store quite a few images for my application but i am confused where should i store them. My Scenario is
The user will have
Saving Account
Fixed Deposit
Now for Every Fixed Deposit i need to store the
scanned image of that FD
one or more images for source of money like Bank Cheques
Now where should i store all those images. I mean
Do I need to create folder for each user then each FD and then sources
Or All images in one folder
Don't store all the images in one folder; you'll have issues once you have thousands of files in the same folder. It would make sense and divide up nicely to create a subfolder for each user.
Don't put the folder in a web accessible directory. Instead have an intermediary php script that accepts some parameters, checks whether the requesting user has privileges to view the file, and then use readfile() to return the image. That way you prevent people from viewing other people's images.
Don't use the file name of the uploaded image. Instead you could use the id of database row as the name, or create a UUID; something unique and generated by you. That way you don't have to worry about users uploading files with conflicting names or attempting to hack your system with crazy file names.
I would definitely have a folder (user ID) per user, so you won't have to parse a giant folder of images if you're trying to load one user's images. Beyond that, I think you could just store them in a single folder and use a naming convention or group all images in a sub-folder in a way that makes the retrieval of those images easier.
I have a form where an admin will upload three pictures with different dimensions to three different designated directories. now to make sure that i don't get into the problem of duplicate file names i implemented something like the php will compare the uploaded file name and it will check if that file name exist in the designated directory if yes then it will echo an error and stop the script execution.
Now one of my friend suggested me that it is very bad asking the admin to manually rename the picture file and asking them to take care of the file duplication problem. the solution he suggested was to rename the file automatically and then store it in the database and then direct it to directory.
I am confused about what combination should i give to the renamed file and also make sure it will remain unique file name to be more precise i would like you to understand my directory structure
as i said there will be three pictures files the admin will be uploading namely
a) Title Picture b) Brief Picture c)
Detail Picture
and all the three picture files will be moved to the different respective directory, like title picture goes to title directory and so on.
i am using to script below currently just to move and store the file name with path using varchar in the database.
$ns_pic_title_loc= $_FILES["ns_pic_title"]["tmp_name"];
$ns_pic_title_name = $_FILES["ns_pic_title"]["name"];
move_uploaded_file($ns_pic_title_loc, $ns_title_target.$ns_pic_title_name) or die(mysql_error());
that is just the sample code i havent included the validation function which i am using. i was thinking like i want to rename all the files like
a) In title directory the file should be stored as.
title_1.jpg
title_2.jpg
title_3.jpg
title_4.jpg
and so on
and the same way to rest of the pictures. how do i do that? what function do i use to achieve my target. and if this is not the good way to rename the file i would appreciate any suggestion followed to rename the file.
thanks in advance
Well, here's a possible solution:
Get uploaded filename from $_FILES["ns_pic_title"]["name"] and separate extension OR if we are only talking about image files get the image type with getimagesize($_FILES["ns_pic_title"]["tmp_name"]);
Check your database for the maximum id of the image records and make the the $file_name variable 'title_'.($max_id + 1)
At this point you should have $file_name and $file_extension so do move_uploaded_file($_FILES["ns_pic_title"]["tmp_name"], $ns_title_target.$file_name.'.'.$file_extension)
Hopefully this makes sense and helps.
There are a couple of good options with various pros and cons.
Use php's tempnam when moving the file, and store the path in your mysql database. tempnam generates a unique filename.
Use mysql to store the image content in a blob. This way you will access the image content via an id instead of a pathname.
Instead of having logic to figure out what the latest picture name is and calculate the next number increment, why not just use PHP's tempnam() function? It generates an unique name with a prefix of your choice (i.e., "title", "brief", "detail"). You could also simply prepend a timestamp to the file name -- if you don't have a whole lot of admins uploading pictures at the same time, that should handle most name conflicts.
Since your pictures are going to be sorted into title, brief and detail directories already, it's not really necessary to name each picture title_*, brief_*, and detail_*, right? If it's in the title directory, then it's obviously a title picture.
Also, you're going to be putting the file names in the database. Then elsewhere in the app, when you want to display a picture, I assume you are getting the correct file name from the database. So it isn't really important what the actual file name is as long as the application knows where to find it. If that's correct, it's not necessary to have a very friendly name, thus a tempnam() file name or a timestamp plus the original file name would be acceptable.
Because you are storing references into the DB, I would prefer to just md5 the datetime and use that for the filename and store the disk filename to the DB also. It doesn't matter what name it is written to disk with as long as you can point to it with the unique name into the DB.
I use this methodology, and in none of my testing does the disk name (md5 from the datetime) ever require multiple tries.