Wait, bad is good?
Okay, I have a problem. Part of the web application I'm working on right now involves being able to upload various types of files and being able to access them through the database. I was going to just store the files in a directory in the webserver, and then have the database entries contain the filename.
But, I found a problem with this method.
You see, access to the database is restricted by the website's member system. So I can't leave the files on an open directory. I can deny people from indexing that directory, but I can't .htaccess protect it either. The members would receive a 403 error when they try to access the files.
The solution that I thought of, was to have a script that would read the files, print a HTTP header, and then the read of the file. Furthermore, since I was going to process the file through a script anyways, why not store the file from the Database itself instead of just it's filename. It would save me some programming elsewhere.
I've avoided this possiblity before on the advice of others I've asked online. In this instance, however, I can't see a reason why I shouldn't.
But, I found a problem with this method.
You see, access to the database is restricted by the website's member system. So I can't leave the files on an open directory. I can deny people from indexing that directory, but I can't .htaccess protect it either. The members would receive a 403 error when they try to access the files.
The solution that I thought of, was to have a script that would read the files, print a HTTP header, and then the read of the file. Furthermore, since I was going to process the file through a script anyways, why not store the file from the Database itself instead of just it's filename. It would save me some programming elsewhere.
I've avoided this possiblity before on the advice of others I've asked online. In this instance, however, I can't see a reason why I shouldn't.
