I have a quick question about how to serve data from a repository in a application that I am writing using the Zend Framework.
My current structure is:
/application
/filespool
/library
/public
In the filespool are a number of user identifiable folders that contain user content that is uploaded via forms, mainly jpg/png and pdf. This causes issues when trying to display an image back to the user as the path in my db to reference the file is:
../filespool/0/0/1/image.jpg
which I can't display in the view script as it can't reference the image.
What would be the best way of adding the image to the view script when trying to display it back to the user? I thought about adding the filespool folder to under public but would rather leave it where it is, as that move would require a lot of work to refactor the changes.
Thanks in advance...
i guess you could try 2 diferent things ( actually just one )...
use htacces to make a virtual directory for the file pool using rewrite ( not working )
make a php file in the public directorry that takes a parameter with the path and serves the files
EDIT
Spoke to soon ... you cant use htaccess ... and that is because its outside your document root so the server cant serve files from there.
Related
I am using spatie library to upload some files which will be saved to the storage folder. What I want to accomplished at the moment, is to view those files or images when I am an authenticated user. I've tried creating a symlink using this command ,
php artisan storage:link
But this makes those file to be seen publicly. What I only want is to view those file, only when the user is an authenticated user. So far this is what I did but it seems like I miss something.
ROUTE :
Route::get('/storage/{filePath}', 'ComplaintsController#fileStorageServe')->where(['filePath' => '.*'])->name('complaints.viewfile');
CONTROLLER :
public function fileStorageServe($file) {
// know you can have a mapping so you dont keep the sme names as in local (you can not precsise the same structor as the storage, you can do anything)
// any permission handling or anything else
// we check for the existing of the file
if (!Storage::disk('local')->exists($filePath)){ // note that disk()->exists() expect a relative path, from your disk root path. so in our example we pass directly the path (/.../laravelProject/storage/app) is the default one (referenced with the helper storage_path('app')
abort('404'); // we redirect to 404 page if it doesn't exist
}
//file exist let serve it
// if there is parameters [you can change the files, depending on them. ex serving different content to different regions, or to mobile and desktop ...etc] // repetitive things can be handled through helpers [make helpers]
return response()->file(storage_path('app'.DIRECTORY_SEPARATOR.($filePath))); // the response()->file() will add the necessary headers in our place (no headers are needed to be provided for images (it's done automatically) expected hearder is of form => ['Content-Type' => 'image/png'];
// big note here don't use Storage::url() // it's not working correctly.
}
VIEW :
#foreach($complaint->attachments as $attachment)
{{ $attachment->file_name }}
#endforeach
When I click the link it will give me something like this.
http://127.0.0.1:8000/complaints.viewfile/http%3A%2F%2F127.0.0.1%3A8000%2Fstorage%2F3%2F60580fdeadc55_worship.jpg
Please help. Thank you...
You need to understand how files are served by a web server and how that interacts with a laravel application.
You likely have nginx or apache set up to serve files from the public folder of your laravel app. ie: /var/www/sites/laravel-site/public.
When an HTTP request is sent to your server, if your nginx or apache is configured to serve files like laravel-site.com/storage/documents/secrets.pdf statically, then your laravel application code will never even be run, and you cannot control access to these files at the application level.
If you want to setup access control to files, you will need to first ensure the requests are not going to be served statically, and second setup a route to serve the files after checking if the user/request has permission to access the file(s) you want to serve.
There are lots of other great answers and resources on how to do this.
Correct me if im wrong but isn't the easiest way to do that via system-settings ? Like you have different Users and you just put them in different groups that have different rights for folders/files.
I'm currently building a simply file hosting script using Slim 3. Currently I have my users folder on the same level as my public directory. Now that I'm attempting to access the files inside the user folder I'm getting errors caused by my document root not being able to access my users folder. Would it be a better idea to put my users folder inside my public folder because technically that would be public info to the logged in user?
It depends on what these files are - If they are only for the specific user or if they are available to all users.
When the files has to be private you can not put them into public, simple because everyone could hack url and get access to them. So you should put them in any data directory and make them available using an endpoint like /file/{username}/{name}.
In such endpoint you can easily append Header about filetype or if it should download or try to show in the browser window.
Whatever you make publicly available to the web server will be handled by default as any other asset:
Its URL is based upon the actual file name
If you know the URL you can download it
If it's a .php file it will be executed
You can certainly address all this concerns (and some of them may not even be concerns for your use case) but I don't think this is the ideal layout for a typical user-managed directory tree. Your current approach makes more sense to me.
To access such files you need to create a proper download script that makes all the appropriate checks (e.g. access checks), matches file system stuff from URLs and serves the assets as static files. In Slim that means creating a route with parameters and writing a handler function that does all this stuff.
I am attempting to create a website utilizing PHP as the driving power behind the gears. The idea behind the site (generally) requires that each user be presented with the option of creating their own profile (currently considering creating a directory for each user).
I have been doing considerable research in order to set this application up in the best means possible. But I am suffering from extreme confusion when it comes to creating the directory structure. I am considering downloading a framework assistant (CodeIgniter) which might assist me in the venture, but I'd rather get the opinions of others first.
Currently I have all of my files and content within my public_html folder, and I am aware that this is not the ideal set-up. But I'm not sure how to go about creating an alternative structure. I do not know where to store the various templates (header.php, footer.php, etc) and how/where to call them.
I want to create pages to list the "About", "Contact Page", and other content, but do not know where these pages should be located? Do I save the content of these pages within the public_html directory and simply include the templates from the various subfolders?
Concerning a config.php file: I am attempting to have all of the necessary information pertaining to MySQL connections within a single file, as well as other necessary information to be included at the beginning of EACH page within the site.
Thoughts? I'm fairly new to the cloud, and so simple and basic responses would be greatly appreciated!
You're thinking of this wrong. You don't need a directory for each user. You can use GET params to have one script (profile.php, for example) pull the appropriate profile for a user dependent on data passed to it. For example, profile.php?userid=5212 would pull the profile for user 5212 ($_GET['userid'] would contain the user's id in this case). Passing nothing could easily default to pulling the profile for the currently logged in user.
You could also use mod_rewrite so that http://www.yoursitehere.com/profile/5212/ could do the same thing (look into routes in most PHP frameworks)
Your directory structure should suit you. If the site is simple enough you could get away with something simple like just
public_html/
css/
includes/
images/
js/
Your database configuration could live in public_html/includes/ and you could include it on any page requiring a database connection. Your about and contact pages can be actual files located in public_html/ to keep things simple. Again, these are just suggestions. Your directory structure should be whatever you need it to be.
Store everything in a structure that makes sense to you. Something like this should work:
public_html
-Includes
-images
-css
-blog
And so on...
regarding the config file, you can store in in the public_html directory, or in the includes directory
You might consider using a PHP Web Framework like Symfony. It will help with a lot of the basics so that you can concentrate on the Product features.
For the user profile, Store all there information in a database with user id as a field.
When the user logs on, run a query to select all the information by querying against there user id.
As for file structure, you could use:
public html
includes
header.html
footer.html
config.php
classes
pages (stores other pages besides index.php here, contact, about etc.)
css
JS
index.php/html
and outside of the public_html folder I have my mysqli.php file.
To include these header files in your index.php file you would simply create (in your includes folder or wherever you choose) a config.php file with something like the following :
require_once($server['document_root']."/classes/filename.php"); // include needed files and mysqli connection here as well
You could also set a custom error handler in the config file as well if required.
In your index.php file you would then call the config file (which would automatically include any files you specified in the config file as well) and your header and footer i.e
include('/includes/header.html');
include('/includes/config.php');
<!--ENTER PAGE CONTENT HERE-->
include('/includes/footer.html');
I have a web application, based on CodeIgniter framework, which simply fetches data from stock exchange feeds and displays it. To enable caching the plan is to create a static HTML file once the stock exchange is closed coz there will not be any change in the stocks. Here is the structure for doc root of website
/index.php the CI controller
/application
/system
The URLs are
mysite.com/marketwatch.html - served by index method of marketwatch controller
mysite.com/marketwatch/marketindex/some-index-name.html - served by marketindex method of marketwatch controller and takes some-index-name as argument
mysite.com/marketwatch/scripdetails/some-scrip-name.html - served by scripdetails method of marketwatch controller and takes some-scrip-name as argument
Now what I can do is to create a path like DOCROOT/marketwatch/marketindex and DOCROOT/marketwatch/scripdetails/ and set 777 perms on these two so that at right time of the day the files are created in these two folders and .htaccess will direct Apache to serve these files instead of invoking whole CI framework and save sever of some botheration. The problem is
setting 777 for a folder that is served by webserver sounds wrong
I can't set 777 perms for doc root to create marketwatch.html
Can some one guide me how to solve this issue?
If you create the "cached" files in advance (even if they are empty) and give them 0666 permissions, PHP will be allowed to modify these files to update them (but don't never delete them, or they'll lose those permissions and they won't be the same the next time you create them).
You can try to set 0777 permissions with chmod function from php.
I'm creating a weather module for an application that uses weather.com's xml service. With the license from weather.com you get a couple folders of images to use with their xml service. Is there an easy or better way to store the images in the module itself rather than the public folder of the app?
I Personaly have created a folder modules in the public folder like this:
www/htdocs/meo/public/modules
For each module i create a folder in modules folder.
/srv/www/htdocs/meo/public/modules/RandImageFrontPage/
In that folder i create 3 folders:
css,img,js
I find this is more the MVC way
Since the public folder is (or, really should be) the document root of your web server, you need to put it there. The choices are:
put the images in your module, open up your folders to the outside, making the module folder accessible (bad idea)
put the images in your module, read them and output them upon request (weird idea)
put the images in the public folder
If you put the images in something like /public/images/weater_com/* I think you still got a pretty portable/namespaced location of your images.