Please i'll like you to enlighten me how best (folder) to save uploaded user profile pictures. In my previous projects i've usually uploaded into a folder inside the main project folder i.e
www/projectFolder/upload
would this be good for efficiency and security?
Already, i've disabled folder navigation (from URL) through .htaccess
this question
upload file with php and save path to sql
prompted my question.
Thanks
Why you don't use database to save them? I guess this is the best choice.
Anyway, if you can't save them in DB for any reason & you have to save images in a directory on your filesystem, I guess it's better to save them somewhere out of your web server htdoc directory (& sub directories), so access to those files would not be possible directly via web server. of course you'll need enough permission to allow your php scripts to read, write & modify files in target directory.
Also suggest to take a look at usage of .htaccess files on apache.
Related
Let's say I have a Job that generates an avatar image through Intervention with the username on top of a static default background image. This background image should be available for each project member, so it should life somewhere in the repo.
My question is: where does this static background image life?
When I take a look at the Laravel docs about the Directory Structure I conclude that:
It should not life in the public directory, since it does not have to be publicly accessible (the image itself is never used without the username on it)
The public directory contains the index.php file, which is the entry point for all requests entering your application and configures autoloading. This directory also houses your assets such as images, JavaScript, and CSS.
It should not life in the storage directory, since this folder seems to be for generated stuff (and is subject to overwrites)
The storage directory contains your compiled Blade templates, file based sessions, file caches, and other files generated by the framework. [...]
It could maybe life in the resources directory, since this directory contains "raw, un-compiled assets". But the fact that images are not used as an example it makes me doubt.
The resources directory contains your views as well as your raw, un-compiled assets such as LESS, SASS, or JavaScript. This directory also houses all of your language files.
What are your opinions on this question?
First off, your application shouldn't depend on the file being in the same filesystem. You should use the Laravel Storage API, since that way you can easily store the files on a third party storage solution such as Amazon S3 without having to change anything other than a config setting.
With the local driver, the files would default to being stored under storage/app, which I would consider the correct location. It's actually recommended that if a file needs to be publicly accessible, it should be stored in storage/app/public/, which should be symlinked to public/.
As you have observed, the public directory is for anything that needs to be publicly accessible, including compiled Less/Sass, JavaScript and images. The resources directory is for their uncompiled counterparts, so your Less/Sass files and JavaScript should go there before being processed by Mix. The storage folder is for more general file storage use, but I would have a look at the possibility of storing these files with a third party service.
I'm developing an application with Symfony2, and my users get to look at their folders (located in alfresco) but at a certain point some files need to be moved from one folder to another.
I tried ftp_rename but didn't have much luck with it. I could rename a file's name with it but I couldn't move it from one location to another.
I tried looking at the alfresco docs but didn't find anything helpful because I'm developing an api and I can't use Cmis Js.
The ftp_rename can rename/move a single file only. You cannot use it to move all files in a directory to another.
So you have to:
list all files in the source directory, e.g. using the ftp_nlist.
call the ftp_rename for each, one-by-one.
I find it difficult to form my question properly, so apologies in advance.
I'm currently building a small web app where users can sign up, log in and upload pictures. These pictures are stored in different directories. I want to be able to lock these directories, so people cannot simply view the entire directory (because it features a picture contest and submissions should remain secret). But I also want the contents to be viewable. I intend to create long filenames within the directory automatically to keep them "safe".
Any thoughts?
Thanks in advance,
Lenny
To disable directory browsing of your files, the simplest way is to add a line to an .htaccess file (if you're using Apache) in a common directory:
Options -Indexes
Source
Alternatively you can add this also to a <Directory> or <Location> section of a vhost entry, but would apply to the entire vhost rather than just a given directory tree.
I am developing a Joomla Component which will allow visitors to download a sound file (be it mp3, or wave, does not matter). Those files are managed in the admin interface and can be unpublished in there.
Therefore, it seems that placing them in the assets section is not an option, as it would make them accessible directly from the server. I want to avoid direct access and only serve them through my MVC structure (usnig RAW document type) after verifying that the requested file is published.
Are there any conventions on the placement of those files inside my component's directory structure?
My first idea is to create a folder inside the administrator/components/com_mycomponent and keep the files there. Do I need to restrict access to this new folder with a new .htaccess file, or is it already taken care of by Joomla with a global .htaccess?
you should place the files in the media directory. It is supported by the installer and is much better place. The logic is to have code in com_mycomponent for site and admin and both of those will share media (images/css/js), downloads, etc...
/media/com_mycomponent/
Restrictions are up to you.
Here is Joomla installation structure, http://docs.joomla.org/Components:xml_installfile
I have a PHP project setup in Netbeans (v6.8) where all the PHP files are on a remote server and in a single directory. Whenever I save files locally they are updated on the remote server via SFTP.
I now need to edit a remote JavaScript file to add some jQuery logic but the file is located within a different directory on the webserver. How to I add this JavaScript file such that when it is saved or updated it is transferred to it's own location on the server?
When I attempt to create the file locally within NetBeans it saves to the same directory as my PHP files. I would like to be able to continue using NetBeans rather than doing this all manually using an SFTP client and a text editor. Thanks in advance.
Since you're not getting any answers I'll offer a limited suggestion. I use netbeans, but not to automatically upload like you're doing so I may be way off here.
It sounds like you would either need to change your project to have a larger directory structure that would contain everything for this to work like you want it to. Gan you go up a level or two in the directory structure, and add containing folders in your local project to match?
The other option might be to create a second project for the javascript directory, and set that to go were it needs to go. You can create "project groups" in the project view which you can use to link them together. I know this is probably not ideal, but is hopefully easier than doing your uploads manually.