I'm writing a website that assigns URLs under the root domain to various user-specified records, so I'm trying to leave as many top-level paths unused as possible. Thus, I'd like to put everything in public, including assets, under a subfolder (e.g. 404.html would become edit/404.html, assets/users.css would become edit/assets/users.css, etc.). Is there a simple and sane way to do this that'll keep things like image_tag working?
Related
I have a few websites that are in a single folder for example:
en
de
nl
fr...
in these folders are the websites.
What I want to do is add an images folder into here and have all of the sites referencing this images file. The reason for this is so when I add another image I only have to do it once not multiple times.
My problem is that I can't seem to find a way to reference to this file. I'm not sure if its possible becasue it is before the site roots.
Is there any way to do this?
You can either do it as a virtual directory which you include in all your sites, but a stronger approach would be just to make it a site by iteself. Chances are if you are using it for images, then its purpose is to serve static content.
What i would do is create a site named static.yoursite.com and in that site have a few folders (css img js). Then when you need to load an image from any of your sites you would do it like this:
img src="//static.yoursite.com/img/global/background.png" or
img src="//static.yoursite.com/img/de/welkome.gif" or
Having it all in a separate site might make it easier to migrate to something like S3 or a real CDN like cloudfront in the future. It will also make it super easy to set the proper expires headers and caching for static content.
I have the following folder structure in my zend framework 2 tutorial project in Ubuntu:
/zf2tutorial
/module
/Album
/view
/album
/album
myImage.png
index.phtml
in my index.phtml code I have a line such as this:
<img alt='SMALLIMG' src='myImage.png'/>
this does not work.
If I change the myImage.png to be http://www.someurlhere.com this works fine.
How do I load in myImage.png instead? I tried giving it the direct URL:
/home/myUsername/NetBeansProjects/zf2tutorial/module/Album/view/album/album/myImage.png
I've also tried doing the following:
../myImage.png
but neither of these worked.
Also please note, it has to be a bad path (I must be doing something wrong here) because the broken image icon shows up... indicating there is a linking problem here.. the direct URL is copy pasted from the properties section of the image itself..
It's not a problem of image or path. You are trying to make an impossible thing.
You certainly define in your virtualhost configuration that the documentRoot is your public directory.
That means your web server will give access to resources located from this public directory.
You have to put your resources from this public path (css, images..) or you can define a symbolic link if you allow followingSymlinks.
Hope this helps.
<img alt="" src="img/2 header960.png" align="center" >
The fundamental issue you are confusing is the difference between views vs public content.
View files are essentially HTML templates into which you can inject certain values at runtime. Your directory structure correctly places this stuff within a views directory inside your module. These template files themselves are never exposed to the end-user. They are only used by the application to generate fully-populated HTML chunks that are eventually sent to the browser.
In contrast, static assets - like images, javascripts, external stylesheets, etc - are served directly by the webserver to your visitors. As such they need to be in a directory that the webserver has been told to publicly serve to visitors.
The easy thing to do is to simply move directories containing these static assets out of the module and into the app's public folder.
But this is undesirable in the sense that you might reasonably want the module to be a self-contained entity: it can contain its own routes, its own controllers/actions, and, in particular, its own static assets.
So, how to make the webserver reach down into the module and treat some of the content there as "public"?
The answer is to use an "asset manager", a component that links certain module content into the app's public directory. Typically this means:
Activate the asset manager module
Create a public directory inside your module
Place those static assets there
Inform the asset manager which public module directories into the public app directory.
Take a look at the AssetManager module by Roberto Wesley Overdijk and additional instructions for use.
[As a side note, welcome to the world of web development. ZF2 is a great framework, but it's not the easiest thing for a beginner. It provides a lot of flexibility for doing things in a "good way", but it can certainly come off as convoluted at first. Try not to get discouraged. ;-)]
the reason may be the image extension (.png)
please check your exact extension case, is it written in small or capital case???
update your image link exactly as like the name of image.
eg.
myImage.png or myImage.PNG
try to look for an .htaccess file somewhere in your dir most probably on module folder..that file blocks the access for the image you are trying to link..(my basis here is my application in yii which fails to show the image even if the path is correct)
you may create an images folder in your home dir: /zf2tutorial/images for example and put all the images there calling it: src="/images/myImage.png"..
or
find the htaccess im talking about, change the restrictions(or delete it:|) and you can use this path: src="/module/Album/view/album/album/myImage.png"..
<div id='small_image'>
<a href='/feeds/posts/default' title='smallimg'>
<img alt='SMALLIMG' src='c:/home/myUsername/NetBeansProjects/zf2tutorial/module/Album/view/album/album/myImage.png'/>
</a>
</div>
I would like to create a simple file repository in Ruby on Rails. Users have their accounts, and after one logs in they can upload a file or download files previously uploaded.
The issue here is the security. Files should be safe and not available to anyone but the owners.
Where, in which folder, should I store the files, to make them as safe as possible?
Does it make sense, to rename the uploaded files, store the names in a database and restore them when needed? This might help avoid name conflicts, though I'm not sure if it's a good idea.
Should the files be stored all in one folder, or should they be somewhat divided?
rename the files, for one reason, because you have no way to know if today's file "test" is supposed to replace last week's "test" or not (perhaps the user had them in different directories)
give each user their own directory, this prevents performance problems and makes it easy to migrate, archive, or delete a single user
put metadata in the database and files in the file system
look out for code injection via file name
This is an interesting question. Depending on the level of security you want to apply I would recommend the following:
Choose a folder that is only accessible by your app server (if you chose to store in the FS)
I would always recommend to rename the files to a random generated hash (or incremntally generated name like used in URL shorteners, see the open source implementation of rubyurl). However, I wouldn't store them in a database because filesystems are built for handling files, so let it do the job. You should store the meta data in the database to be able to set the right file name when the user downloads the file.
You should partition the files among multiple folders. This gives you multiple advantages. First, filesystems are not built to handle millions of files in a single folder. If you have operations that try to get all files from a folder this takes significantly more time. If you obfuscate the original file name you could create one directory for each letter in the filename and would get a fairly good distributed number of files per directory.
One last thing to consider is the possible collision of file names. A user should not be able to guess a filename from another user. So you might need some additional checks here.
Depending on the level of security you want to achieve you can apply more and more patterns.
Just don't save the files in the public folder and create a controller that will send the files.
How you want to organise from that point on is your choice. You could make a sub folder per user. There is no need to rename from a security point of view, but do try to cleanup the filename, spaces and non ascii characters make things harder.
For simple cases (where you don't want to distribute the file store):
Store the files in the tmp directory. DON'T store them in public. Then only expose these files via a route and controller where you do the authentication/authorisation checks.
I don't see any reason to rename the files; you can separate them out into sub directories based on the user ID. But if you want to allow the uploading of files with the same name then you may need to generate a unique hash or something for each file's name.
See above. You can partition them any way you see fit. But I would definitely recommend partitioning them and not lumping them in one directory.
I have a problem, I would like to store files outside the public folder using paperclip (to make them private), it would be very simple, just configure the :path option, but to retrieve those files (many of them images) I would need a controller method (ie. get_file), making very slow when you display a list of files with the "thumb" images. I was thinking to use a random name to store the files in the public, some cryptic name with SHA1 or something, how hard would it be to access a file.?
As long as you make sure that the directory is never listed and the name is really random (does not depend on the real name) and long enough (16 alphanumeric characters should be ok) this is a feasible and common method to do it.
I cleaned up someone's style sheet for a Dreamweaver site, by editing the css directly, and now the secretary is having trouble using her old template.
Most of the files in her site reside in subdirectories of the 'upload' directory. For example, I would have expected to see the stylesheet in
../assets/css/ etc.
but in fact I'm finding it in
../upload/assets/css/ etc.
In addition to assets, I am also finding Templates and images as subdirectories of 'upload'.
Do you know why this 'upload' directory was used?
I am considering two possible approaches.
(1) Make sure everything needed is in ../upload/ and remove the subdirectories that are directly in the root directory
(2) Edit the template to remove all references to ../upload/
Note that (2) appeals to me because the file structure will be simpler; but I wonder if the client has some sort of extension in her Dreamweaver that causes everything she ftp's to be put into the 'upload' directory.
Note that so far I have copied my cleaned up css file over to ../upload/assets/ as a short-term solution. But they want to be able to make changes to their template, and add new pages, on their own in future.
Thanks.
The likely problem is how she has her FTP remote settings specified. It appears that it now points to the upload folder rather than the web root. Or, it could be that her FTP user account is tied to the upload folder rather than the web root.