I would like to give the user a file browser from within a webpage.
Here is what I've tried. I'm trying to present the file contents myself. I am trying to make it so there is div that is the same as what you would get on an ordinary directory browse within the webpage. I have succeeded in making the div work visually, displaying the contents of the selected folder but when trying to click on a file in that directory it can not find the file because it is looking in the wrong file path index.html/ instead of index.html/videos.
Code:
<div id="new-nav"></div>
<script>
$("#new-nav").load("/videos");
</script>
What's the best way to give the user a "file browser" experience in a webpage?
I would recommend using http://ckfinder.com/demo instead.
Features of CkFinder as Listed on their Site
Lightweight interface.
No page refreshes: quick responses.
Folders tree navigation: intuitive for all users.
Quality image thumbnails, making it quick to find things.
Multi-language support with automatic user language detection.
Context-sensitive menus for files and folders.
Multiple file uploads with a progress bar (*).
Full user control of the content: create, rename, and delete
folders and files.
Drag-and-drop support for copying and moving files between folders.
Full developer control: all features can be precisely configured with
a powerful ACL and user roles system.
Flexible configuration: store files in private folders, also
outside the document root.
Secure file uploads: all uploaded files are checked according to
the rules set by the developer.
Full source code included for the server side integration.
Instant integration with CKEditor and FCKeditor.
Related
I have files stored in the server with the Plesk panel, currently, any person with the link of my site can access the file and download it.
Is there any way to prevent the download for all the users?
The general approach is to create a folder that is not in the root folder of the web site. In other words, you don't allow nor have valid URL's to a folder as a result. This does mean then you have to build some type of web page that can say list out some files and a button to click to download such files.
In other words, no valid url's exist. This tends to suggest that you have some type of grid or display of files. often even a database table to drive such a display is used.
When the user clicks on say a button on that grid row, then code behind can fetch the file, and "stream" it down to the user. The end result is thus no valid url's or resolvable path to the files exists.
Also, from IIS, turn off directory browsing. and thus again no valid URL's to the files exists.
The other approach? You can build a custom http handler. This approach is quite common. That way, any url that ends in .pdf will be trapped, and thus not allowed. As noted, this again means you have to provide a "list" of files, and a button to download - and again you can then stream the file from the server.
So there is quite a few ways, but ultimate, I as a general rule don't allow files to be downloaded or even accessed by URL's. I always provide some kind of web page, and a list of choices for the user. The code behind is what actually fetches the file, and then streams it down to the browser.
So, you can
Search for how to build a custom http handler for pdf files in asp.net
Search for how to stream a file to users in asp.net
how to turn off directory browsing in IIS.
There are a truckload of options here - in fact too many to really post and explain in Stack Overflow answer.
I am stuck on this part of my laravel application, Where I am asked to protect the files from directly accessed via url browser hit.
I have a public folder in which in a doc folder is present where all the documents are going to be uploaded. I just need a solution to prevent this where i can access docs directly from my application but any third party visitor can not view my docs (images,pdfs etc..).
I have tried many solutions but its not at all working.
I just want to things :-
1. Protect my docs through direct access.
2. Way of implementing it in laravel (via .htaccess)
I know this can be possible through htaccess, but how?
Kindly help Please :)
Add in your upload folder .htaccess file with content:
Deny from all
There are three approaches I can think of just now;
You intercept all image and video requests with Laravel, then using the router, serve up the content that the user was after, provided they are authorised. THIS WILL BE SLOW!.
You rely on obscurity and put all that clients images, videos etc in a folder that has a long-unguessable random url. You can then link to the content in your code using the 'static' folder name. The customer's content will always be in that folder and accessible if they log in or not. The advantage of this compared to 1 is that your framework does not have to boot for every image or video.
Have all the content hidden away - possibly in the storage folder. When the user logs in, create a temporary symbolic link between their public folder and their folder in storage. Keep a note of the link in the session. Use the link in all gallery etc rather than the static code used in (2) above. Once they log out the code will no longer be valid, and you can delete the symbolic link on logout or have a job to tidy it up periodically.
I am currently tasked to make a website that allows a personnel of people to select possible candidates for a job.
From here, the candidate will upload their resume online to the PHP server. After which, the candidate will view the resume for review to see whether is the candidate suits for the job. I would like to know how is it possible to allow them to download the document from the server and/or view the documents online, probably in another browser page.
Thank you! :)
I would like to know how is it possible to allow them to download the document from the server and/or view the documents online, probably in another browser page.
After a file was moved from the temporary upload folder to your "uploads" folder, you are able to generate a download link to the file.
The file can be view "online", when the viewer opens the file in a new browser tab (by right-clicking the download link, then open in new tab) or you set target="_blank" on the link.
Most modern browsers have PDF support. I would only suggest to utilize a document viewer on server side, if the download links must be protected and the user-group is rather small, because this doesn't scale well.
We have a system where, a large part of it is the ability to upload and download files if you are logged in and have the correct permissions.
What we are looking at doing to help with the organization from the users point of view is having a virtual file system type layout.
Even if (or even preferably) all the users files are actually just stored in one directory, and the virtual file system is just a screen put up from the database.
What we are wondering before we invest in creating this is if this already exists somewhere, open source (but able to be used in commercial software), free, or paid (first two preferably!).
A simple file system on top of PHP can be done by WebDAV that is built on top of PHP:
http://sabre.io/
This would be a good example, but there are others as well. WebDAV is essentially a web based file system (http://en.wikipedia.org/wiki/WebDAV).
This could not only provide a file system, but also would let you edit files directly with Word/Excel (2007+) in it. Showing then a treeview of folders and files would be quite trivial, using few database tables and some jquery components, such as jsTree and jqGrid.
Although if you are searching for a full document management system: http://www.opendocman.com/ or http://code.google.com/p/simpledoc/ this would be more then enough.
It really depends on how many features you are going to incorporate into this system. Will there be an OCR, would you like to store the files in the cloud service, how many user input there will be (is simple upload enough, or camera, scanners and other devices are needed to be used as well)?
As for the commercial products, you could check out Microsoft SharePoint (http://en.wikipedia.org/wiki/Microsoft_SharePoint) or IBM Lotus Notes (http://en.wikipedia.org/wiki/IBM_Lotus_Notes)
I'm building an app based on CakePHP framework and Croogo CMS. Basically there will be a simple intranet section where after logging in the users will be able to view and download some files.
Within administration I'm planning a simple section where the administrator will select files from ones previously uploaded into CMS and laying in /app/webroot/files folder. Here I would like to implement a simple file picker to let administrator easily select files that will be added to that intranet.
I was googling for a while but found nothing useful - merely pages about file upload.
My question: is there any plugin or something similar to my needs that I could use or do I have to write it down myself?
If there is nothing useable I was planning to do it this way:
administrator will have to upload intranet dedicated files directly to a folder /app/webroot/files/intranet/
within intranet documents administration section I will then list all present files, fill them into <ul> list as links and using jQuery fill some hidden form fields in background from which I would then gather information about files that are being added into the intranet
Is this a good approach or do You have better and simpler solution?
Many thanks for Your responses in advance!
As Lector said, webroot files are public, so you will need to save them to somewhere outside webroot, perhaps in another folder inside app. You can use the Media view to allow download of those restricted files. You could display all the files in a certain folder using PHP similar to how it is done here.