I develop website where users can upload doc , pdf and text files . They also can see files list and delete files. Problem is in this files have personal data . Can i protect somhow this files ? I Want administrators and moderators to see this files but also i want to protect from random downlad from other peoples. I hope i explain well .
Put them somewhere outside of the webroot, only accessible via your system. Whenever someone tries to access it, check his permissions and if they're okay, serve the file.
Related
Imagine that a user uploads a file called "myAssignment.docx" to Moodle to complete the submission of an assignment. Where would the folder containing "myAssignment.docx" be? Is it in the moodledata folder outside the public web directory or somewhere else? I am trying to locate that folder because I want to monitor its growth to determine when I should upgrade my web hosting service to provide more storage space for files that students upload to the server.
https://docs.moodle.org/dev/File_API_internals#File_storage_on_disk
The simple answer is inside:
$CFG->dataroot.'/filedir'
It is stored in /repository directory from Ver 3.62.
You may have subdirectories. Check which one is used for the purpose.
I am able to see the source code from my .app file that is i am able access image
files. How can i restrict that? I dont want my user to access the files from app. Please help me in resolving this issue.
Update: Sorry i was supposed to write .h/.m files are not accessed but image files can..
There is a mismatch in type , i didn't observe
You cannot see code from the IPA you upload to the store. No one can see your code. Someone could, however, see you image files, audio files, sqlite files, plist files, etc.
Per your update:
You cannot prevent the files from being accessed. It's like the web: if you can see it, you can steal it.
Heloo,
I have website that built by SPIP and already online on the internet. Since my webmaster dont work anymore with us, now I try to learning CMS SPIP.
I want to edit one of the html file, located inside this directory : httpdocs/squelettes/myfile.html. Say the name of my file is myfile.html
I changed some part of the file than upload it through fileZile. When I open my browser and refresh it, the file haven't changed yet. but it's successful upload.
please advise, do we need to configure something to upload the file.
Thank you for your help
There is a simple way to refresh a page in SPIP when you have caching issues : pressing the Reprocess page button on the public site (as said by Serge) or adding ?var_mode=recalcul as a parameter of your URL.
I think the matter is in website cache. SPIP is hard caching HTML and images.
Try to clean cache via private area (under Maintenance button in SPIP 3) or press "Reprocess page" button on the front-end.
With your FTP connection go to the SPIP root directory, then find the /tmp directory open it and clear\empty the /cache directory inside it. This directory contains temporary files & cache files.
I'd like to allow user to select a directory (in which I parse some text files) and store the result(List<File>) in a PERSISTENT storage on the same client so that when the user returns, there is no need to select the same directory again.
During the session selecting the directory (via <input webkitdirectory="..." />) and then accessing the directory and parsing the file already works fine, but I've no idea on what kind of data I shall save in order to retrieve it later. I've tried by using window.webkitResolveLocalFileSystemURL() but wasn't successful so far... any idea?
Ok, so you're using something like:
<input type="file" id="file-input" webkitdirectory="" directory="">
This lets the user upload a directory. Roughly speaking, here's the code to get the list of files uploaded:
query("#file-input").on.change.add((e) {
print(e.target.files);
});
It sounds like you already figured that part out.
Really, you just get a list of files. I looked at e.target, and I don't think there's anything in there related to the directory itself. For instance, I don't see anything about the directory name, and it's not as if you suddenly have write access to that directory. You also can't upload files from that directory the next time the user loads the page without him selecting the directory again.
However, what you can do is upload files from that directory and save a copy of those files locally using local file storage.
See also:
"Using the HTML5 Filesystem API" p. 20-21
https://github.com/dart-lang/dart-html5-samples/tree/master/web/file
How do I use Google Chrome 11's Upload Folder feature in my own code?
By the way, I know I wasn't able to achieve exactly what you wanted, but if you approve of my answer, please accept it. My boss promised to buy me a puppy if I answer 100 questions on Stack Overflow ;)
I need to upload multiple files on my website.
But I need not just a form for uploading multiple files, I need to upload whole directories.
How's this possible for the minimalist?
Yours, Joern.
According to my somewhat limited knowledge this is not possible, only file transfer is possible, not directories.
Here are some workarounds, based on discussion on Velocity Reviews and another discussion:
upload a zip, which you unzip at the server side
upload directories over ftp (web page can be a front end to this)
upload files one by one
I would go either for zip or ftp. Note: someone might have produced a gem that enables uploading directories (I know nothing of such thing, but I will be happy to find out, if there is).
Adding another option to the list provided by Sorrow:
upload via REST/JSON
OK, this is a partial solution, but it does give you the opportunity to write a script that reads your directory and POSTS to your website.