panique / huge

Simple user-authentication solution, embedded into a small framework.

[Question] Access to files stored in non public folder #860

Open joancipria opened 7 years ago

joancipria commented 7 years ago

Hi. First, thank you for this beautiful framework. I really love it! Here is my question:

My users upload some sensitive files to the server. This is working perfectly: I've created a "docs" folder in the root of the project and when somebody uploads something, it goes there.

Now my problem: I want to access these files (img, pdfs) via the admin user. The main problem is that the files are in a non-public folder. I know there should be a very easy way, but I don't know it.

Any idea?

panique commented 7 years ago

Hi, thanks! :) Good to see that this little framework is useful for you! Can you say how exactly you want to access these files? More like viewing or editing them or downloading them? Do you have like 1 or like 50 admin users?

joancipria commented 7 years ago

I was thinking more of a direct link to the resource for viewing it in a new tab, or a download link. What is the easiest way? I can adapt the platform, it doesn't matter for me. About admin users, I have more than 1, around 7-8 more or less.

MirazMac commented 7 years ago

Why don't you just place the folder inside the public directory? Since all requests are routed to the "public/" directory, if you place the "docs" folder inside the public folder anyone will be able to access it via http://yoursiteurl.ext/docs/

Hope that helps :)

joancipria commented 7 years ago

Hi @mirazmac and thank you for your answer! Because these files contain sensitive information about users' personal lives (we are talking about personal documents) I must protect them from public users. Only the people who are requesting this information (admin users in this case) can access it. That was the reason why I created the "docs" folder outside of the public folder. It was my "first" idea, but my problem is that I don't know how to access them via admin users, so maybe my "solution" is not the best. Thank you so much for your attention, I really appreciate your help!

sr-verde commented 7 years ago

Store your data somewhere and access them via a php-file, e.g. like described here: http://www.media-division.com/the-right-way-to-handle-file-downloads-in-php/

You should build it inside the framework, of course, and validate if the user is admin.

joancipria commented 7 years ago

Great solution! It worked for me @sr-verde! Excellent post, it really helped me a lot to write my download handler PHP script in the right way. Thank you so much guys! @sr-verde @panique @mirazmac. I'm so glad for your help!
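
The approach sr-verde suggests (keep "docs" outside the web root, stream files through PHP, check for admin first) can look like the sketch below. This is an added example, not code from the thread or from the framework; `resolveProtectedFile`, `serveProtectedFile`, the `file` query parameter and the `$isAdmin` flag are hypothetical names, and the admin flag is assumed to come from the application's own session/auth check.

```php
<?php
declare(strict_types=1);

// Hypothetical helper: map a requested name to a file inside $baseDir,
// or return null if it does not exist or resolves outside that directory.
function resolveProtectedFile(string $baseDir, string $requested): ?string
{
    $base = realpath($baseDir);
    if ($base === false) {
        return null;
    }
    // basename() drops any directory part ("../../etc/passwd" -> "passwd").
    $path = realpath($base . DIRECTORY_SEPARATOR . basename($requested));
    // realpath() follows symlinks, so re-check the prefix after resolving.
    if ($path === false || !is_file($path)
        || strncmp($path, $base . DIRECTORY_SEPARATOR, strlen($base) + 1) !== 0) {
        return null;
    }
    return $path;
}

function serveProtectedFile(string $baseDir, string $requested, bool $isAdmin): void
{
    if (!$isAdmin) {               // authorize before touching the filesystem
        http_response_code(403);
        return;
    }
    $path = resolveProtectedFile($baseDir, $requested);
    if ($path === null) {
        http_response_code(404);
        return;
    }
    $mime = (new finfo(FILEINFO_MIME_TYPE))->file($path) ?: 'application/octet-stream';
    // Only known-safe types render in the browser tab; everything else downloads.
    $inline = in_array($mime, ['application/pdf', 'image/png', 'image/jpeg'], true);
    $name = preg_replace('/[^A-Za-z0-9._-]/', '_', basename($path));

    header('Content-Type: ' . $mime);
    header('Content-Length: ' . (string) filesize($path));
    header('Content-Disposition: ' . ($inline ? 'inline' : 'attachment') . '; filename="' . $name . '"');
    header('X-Content-Type-Options: nosniff');   // stop the browser guessing a type
    header('Cache-Control: private, no-store');  // keep personal documents out of caches
    readfile($path);
}

// Constructed usage; $isAdmin must be set by the application's own admin check:
// serveProtectedFile(__DIR__ . '/../docs', $_GET['file'] ?? '', $isAdmin);
```

Uploaded file names are attacker-controlled, which is why the name is reduced with `basename()` and the resolved path is re-checked against the base directory before anything is read.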