to Apache, it's more than 10x faster compared with my previous
solution using a controller to pass the file contents, and memory
usage also drops to almost nothing.
http://dtemes.blogspot.com/2011/05/secure-downloads-with-apache-and.html
On 27 jul, 01:04, DigitalDude <e.blumsten...@googlemail.com> wrote:
> Hey,
>
> today I was wondering on how to solve a specific task: I have a Cake
> app where users can upload images. As most of us know the image folder
> in the webroot is public and anyone could view these images, as long
> as they know the filename (listing of index is prohibited).
>
> Another way is to put uploaded files on an image server via ftp and
> save the filename to the database.
>
> The problem I have now is, let's say users terminate their account on
> my app and still know a few filenames, they could just type in the
> address with the filename and would still see the image!
>
> I guess the problem is the same when I have an image server...
>
> So when a file is called abc.jpg, and it was available athttp://myapp/img/abc.jpg,
> also not logged in users could still view this image.
>
> I'm looking for an idea or a way to protect this image so only logged
> in users can view it. It may be ok when other logged in users could
> view it when they know the address. But it would be very intersting if
> anyone would have a clue if it would be possible to protect them from
> a direct access via typing it into a browser as a url...
>
> Any ideas or hints for this?
>
> Regards,
>
> DD
--
Our newest site for the community: CakePHP Video Tutorials http://tv.cakephp.org
Check out the new CakePHP Questions site http://ask.cakephp.org and help others with their CakePHP related questions.
To unsubscribe from this group, send email to
cake-php+unsubscribe@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php
No comments:
Post a Comment