refbase - Web Reference Database

Email Archive: refbase-talk (read-only)

2003:	_Jan (1)	_Feb	_Mar	_Apr	_May	_Jun (2)	_Jul	_Aug	_Sep	_Oct	_Nov	_Dec
2004:	_Jan	_Feb	_Mar	_Apr	_May (1)	_Jun	_Jul	_Aug	_Sep	_Oct	_Nov	_Dec
2005:	_Jan	_Feb	_Mar	_Apr (1)	_May	_Jun (1)	_Jul	_Aug	_Sep	_Oct (4)	_Nov	_Dec (5)
2006:	_Jan (6)	_Feb (4)	_Mar	_Apr (12)	_May (1)	_Jun (4)	_Jul (1)	_Aug	_Sep	_Oct (5)	_Nov	_Dec
2007:	_Jan	_Feb (3)	_Mar (2)	_Apr (1)	_May	_Jun	_Jul	_Aug	_Sep	_Oct	_Nov (4)	_Dec (2)
2008:	_Jan	_Feb	_Mar	_Apr	_May	_Jun	_Jul	_Aug	_Sep	_Oct	_Nov (5)	_Dec (9)
2009:	_Jan (2)	_Feb	_Mar (2)	_Apr	_May (6)	_Jun (10)	_Jul (8)	_Aug (9)	_Sep (2)	_Oct (7)	_Nov	_Dec
2010:	_Jan (3)	_Feb (14)	_Mar (1)	_Apr (12)	_May (5)	_Jun (9)	_Jul (2)	_Aug (4)	_Sep	_Oct (2)	_Nov (1)	_Dec
2011:	_Jan (6)	_Feb (2)	_Mar (2)	_Apr	_May (2)	_Jun (1)	_Jul (4)	_Aug (2)	_Sep	_Oct	_Nov	_Dec
2012:	_Jan (2)	_Feb (2)	_Mar (2)	_Apr (4)	_May	_Jun	_Jul	_Aug	_Sep (2)	_Oct	_Nov	_Dec
2013:	_Jan (2)	_Feb	_Mar	_Apr (9)	_May	_Jun	_Jul	_Aug	_Sep	_Oct	_Nov	_Dec

[refbase-talk] Storage of files

From: A-P. Lian <andrew.lian@an...> - 2011-07-29 08:10

Attachments: Message as HTML

Hello

I am just returning to refbase to experiment a bit with the latest version.
I have a question, though.

Is it possible to store user-uploaded files above the root of the web server
(so that they will not be directly accessible except after a login or
something similar)?

>From what I understand, files are stored in a directory created inside the
the main refbase home directory. This means that if anyone can guess the
name of the file's URL, they will be able to be downloaded.

If it is not possible to store the files above the root of the directory, is
there some way of protecting them?

Thanks for any help.

Andrew Lian

-- 
--
Professor Dr. Andrew Lian
School of English
Institute of Social Technology
Suranaree University of Technology
111 University Avenue
Muang District
Nakhon Ratchasima, Thailand, 30000
Emeritus Professor , University of Canberra, Canberra, ACT, Australia
Vice-President of AsiaCALL
e-mail: andrew.lian@...; website: http://www.andrewlian.com

We don't see things as they are, we see things as we are. (Anaïs Nin)
The universe is made up of stories, not atoms (Muriel Rukeyser)
When you change the way you look at things, the things you look at change
(Max Planck)

Re: [refbase-talk] Storage of files

From: Richard Karnesky <karnesky@gm...> - 2011-08-01 06:34

> Is it possible to store user-uploaded files above the root of the web server
> (so that they will not be directly accessible except after a login or
> something similar)?

You can certainly limit access to the file upload directory (defined
in initialize/ini.inc.php) using .htaccess or other approaches.


> From what I understand, files are stored in a directory created inside the
> the main refbase home directory. This means that if anyone can guess the
> name of the file's URL, they will be able to be downloaded.

You can use the <:randomNumber:> token to make them unguessable.

--Rick

refbase - Web Reference Database

Email Archive: refbase-talk (read-only)

5 messages have been excluded from this view by a project administrator.