protect files

Discussion in 'PHP' started by stephan2307, Mar 30, 2015.

0
  1. #1
    Hi,

    what is the best way to password protect files on a server?

    I have the following scenario.

    A CRM system where a user uploads a file. There are 2 other users that can access files but in this situation only 1 of them should be able to access the file.

    In the past I created a central entry point via a php file where the php script checked the permissions and if the user should be allowed to look at the file, the php script would load it into memory and then output it. This way the real location of the file would always be a secret.

    However this method would fail for large files.

    Any other ideas?
     
    stephan2307, Mar 30, 2015 IP
  2. PoPSiCLe

    PoPSiCLe Illustrious Member

    Messages:
    4,623
    Likes Received:
    725
    Best Answers:
    152
    Trophy Points:
    470
    #2
    On upload, store the url in a database (random file-name), and, with that, store which users, or better, which access levels should have access? And then, based on user levels show a list of files.
     
    PoPSiCLe, Mar 30, 2015 IP
  3. webshore88

    webshore88 Well-Known Member

    Messages:
    131
    Likes Received:
    1
    Best Answers:
    0
    Trophy Points:
    123
    #3
    I agree with PoPciSiCLe. You van do one more thing, rename file name with random string then store into DB.
     
    webshore88, Apr 13, 2015 IP
  4. stephan2307

    stephan2307 Well-Known Member

    Messages:
    1,277
    Likes Received:
    33
    Best Answers:
    7
    Trophy Points:
    150
    #4
    Thanks for the ideas. Will give it a go.
     
    stephan2307, Apr 13, 2015 IP