Jump to content

accessing files above the web directory

kaliok

By kaliok
in PHP Coding Help

 Share

Recommended Posts

kaliok Member

kaliok

Posted
Posted

Hi I am having trouble locating an answer to the exact question but I am trying to do the following:

 

Place video/image files in a folder outside the web directory so that there is no direct access to the files in that folder. I believe that this would be the case if I place it outside the web directory. If I wrong, please feel free to correct me on that too. However, I would like to create a php script that can access the files. Is this possible? If so, how would I acheive this and what functions would I use to access them?  I would prefer to not have to use the htaccess file.

 

Thanks in advance for any advice...

Link to comment
https://forums.phpfreaks.com/topic/108776-accessing-files-above-the-web-directory/
Share on other sites
kaliok Member

kaliok

Posted
  • Author
Posted

Thanks for your responses... I am afraid I am still somewhat at a loss here, my directory structure looks something like this:

 

webdir

somefolder

someotherfolder

privateimagesfolder

 

I have placed the image in the privateimages folder, I can't use  ../privateimagesfolder/myimage.jpg in an html img tag to step up a level because of course it keeps the structure of the domain in front of the url. So perhaps there is a way to do this with a php function that grabs the file using the absolute path etc. I have tried using fopen and fpassthru but have not been able to get the hang of them nor am I sure that they are the right functions to use.

 

Any further help is much appreciated....

 

 

kaliok Member

kaliok

Posted
  • Author
Posted

Sorry. The script is sitting in a file directly in the webdir.

 

So it would be webdir/myphpscript.php

 

The image would be here:

 

privateimagesfolder/myimage.jpg

 

I have found what is referred to as "path for scripting" in the hosts control panel area - it looks something like this:

 

/home/linux/thenameofmyurl.com/user/

 

(user has not been changed - it is the word the hosts have in the path - and it is NOT me hiding my real username)

 

fopen is allowed by the host, and I assumed the path would be something like this:

 

fopen("/home/linux/thenameofmyurl.com/user/private/newwebsite.jpg", "r");

 

OR

 

fopen("../home/linux/thenameofmyurl.com/user/private/newwebsite.jpg", "r");

 

Thanks again for any help.

 

 

 

phpzone Newbie

phpzone

Posted
Posted

This will work, however sometimes you may run into SAFE_MODE or OPEN_BASEDIR restrictions if these modes are set on the server.  In which case, modification of php.ini is required.  You may be able to change in an htaccess file, not sure if you can change these through htaccess though, anyone?

 

PS. Normally if my structure is like this:

 

private/

httpdocs/myfile.php

 

I would do:

 

<?php

  $filename = dirname(dirname(__FILE__)) . '/private/privatefile.txt';
  $fp = fopen( $filename, "a+" ); 
  ...
  ...

?>

 

I found using ../ can have problems on some machines when we have tried to install some open source software and changing to dirname fixed them.

kaliok Member

kaliok

Posted
  • Author
Posted

Thanks for your help...Ok... So I think that is finding the file data but it might not be processing it right.. The following is the code I am using. I am suffering from two errors. The first is a problem with the getting the file to embed in an html page.

 

It is downloading the entire php file with the embedded code in it, I think that is because of the php header function, but I believe I still need it for the fopen and fpassthru commands:

 

<?
$fp = fopen("/private/privateimage.jpg", "r");
header("Content-type: application/jpg");
fpassthru($fp);
fclose($fp);
?>

 

I get the following error when I go and look at the code - it actually downloads the php file!

 

Warning:  fopen(/private/newwebsite.jpg) [<a href='function.fopen'>function.fopen</a>]: failed to open stream: No such file or directory in /home/linux/myurl.com/user/htdocs/myphpfile.php on line 33

 

Now that I am looking at file that was downloading I notice that if I do leave the ../private in there I get a lot of mess (lots of characters and ascii code) being put into the file as if it were not passing the file correctly. I could see Adobe Photoshop in amongst the mess of characters so I guess it got to the file and was reading it. Perhaps I am not using fpassthrou correctly

 

Ultimately I am trying to get this to work for movie files, so perhaps before we go any further with this and the data has to be fixed in some way I thought I would add that into the pot.

 

Perhaps too, I am going about this the wrong way, I really just want to stop people from accessing files in multiple folders without having the right password (I can make the login system and check to see if someone is logged in using php) but if people work out the full url to the folder and file, they will not have to go through the login procedure. I didn't go down the htaccess route because I would have had to rewrite the file every time a user is added,deleted or edited. So I came to the conclusion that placing the files in a folder above the webdir would be the best solution.

 

Thanks again for help.

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.