Help with php permissions and file access
Posted 27 June 2006 - 01:58 AM
My first thought was to change the permissions. I didn't want to do this at the directory level though since if I changed it back for one user, then until that user was done everyone would have access to the directory. SO I thought I'd user permissions on the files. SO when the file is uploaded I set the permissions to 0, no one has access. Then when the user is logged in and click to view their file, the php can change the permission to 777 or something in between and let them look at the file. This works, but then I am stuck with how do I make sure the files get the permissions changed back to 0 when the user is done. To do it in php there needs to be an action and I don't want to trust the user that they will click another link. I also don't like the idea of people being able to go to htt://www.mypage.com/filedir/ and being able to see the list of files even if they are protected by permissions. How can I get around my problem, or is there a better way to do this that is standard? The files are very sensitive so security is a big concern here.
Also, and words of advice on how to protect the server from users uploading viruses? Thanks so much, I am very appreciative of any help.
Posted 27 June 2006 - 03:54 AM
Posted 28 June 2006 - 12:26 AM
Posted 28 June 2006 - 12:36 AM
Disclaimer: Free advice is usually worth what you paid for it. ( or at least when it's coming from me! )
Posted 29 June 2006 - 12:40 AM
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users