Hi,
first of all I would like to thank you!
I was using encode-explorer already quite a bit with a few changes - and now due to updating I felt it might be worth sharing what I did.
Regarding the .htaccess:
While I didn't want to have an additional file in the project, I had problems displaying the Lines in the Readme.
I think it would be nice to have also an example for an nginx like configuration.
Explanation for the Download on the right side:
I had to provide a lot of images and because it wasn't me who had to work with, I wanted to ease the job for the one who had to. (And no, packaging all pictures for one simple download wasn't an option :P)
Explanation regarding the php processed download:
with the php processed download your script has to provide the data, this way you can fully log and permit/deny access to the files, but the provider has to setup rules through htaccess or otherwise configs.
Problem as noted could be a php timeout, but it didn't happen to me yet.
Probably it would be better providing this functionality with an additional option, but on the other hand if a login is required, and you provide rules to protect your files, there shouldn't be a way around.
Edit: I fixed some security mistakes caused by php processed downloads (like going directories upwards or access to hidden files/directories
Hi, first of all I would like to thank you! I was using encode-explorer already quite a bit with a few changes - and now due to updating I felt it might be worth sharing what I did.
Regarding the .htaccess: While I didn't want to have an additional file in the project, I had problems displaying the Lines in the Readme. I think it would be nice to have also an example for an nginx like configuration.
Explanation for the Download on the right side: I had to provide a lot of images and because it wasn't me who had to work with, I wanted to ease the job for the one who had to. (And no, packaging all pictures for one simple download wasn't an option :P)
Explanation regarding the php processed download: with the php processed download your script has to provide the data, this way you can fully log and permit/deny access to the files, but the provider has to setup rules through htaccess or otherwise configs. Problem as noted could be a php timeout, but it didn't happen to me yet. Probably it would be better providing this functionality with an additional option, but on the other hand if a login is required, and you provide rules to protect your files, there shouldn't be a way around.
Edit: I fixed some security mistakes caused by php processed downloads (like going directories upwards or access to hidden files/directories