htaccess mod rewrite help

[BuildMyWeb]

i am having a really hard time trying to learn about mod rewrites.  i have a simple single page rewrite working such as:

 

in this case if i enter an adress of http://mysite.com/profile, my server correctly interprets http://mysite.com/profile.php

#RewriteRule ^profile$ /profile.php

 

what i REALLY want to accomplish is the following.  i have user files that can be uploaded to the server.  i dont want to show their true paths.  so i am atttempting a rewrite.  the directory in red will change according to the user.  it can be any alphanumeric up to 12 chars.  the portion of the filename in purple is randomly generated upper/lower/numeric of 15 characters + any extension.  is there a simple answer someone can provide me or am i way out of my league here?

 

http://mysite.com/test/r_dforsxBCDJQTV67.docx

 

the following is my feeble attempt so far:

RewriteCond ^file/$ ^(http://mysite.com/)([[:alnum:]]{12})(/r_)([[:alnum:]]{15})(\.([a-z]){2,4})$

[requinix]

What is /test/r_blah.docx supposed to be rewritten to? What script will it run through, if any?

If you're not quite sure what I mean then answer this: what is the current, working URL for that file (which you don't want to use because it's ugly or something)?

[BuildMyWeb]

im sorry.  didnt explain that thoroughly enough.

 

i was hoping to rewrite the current, working URL:

http://mysite.com/test/r_dforsxBCDJQTV67.docx

 

to:

http://mysite.com/file

 

"test/r_dforsxBCDJQTV67.docx" is part of the literal path/filename for a file the user can upload to the server.  i dont want to advertise those paths to users so am trying to come with a way to mask or hide it.  as noted above, the directory "test" is dynamically created for each user and so will change from one instance to the next.  and the filename "r_dforsxBCDJQTV67.docx" will always start with "r_", the next 15 chars are randomly generated, and the extension is one of a few permitted.

[requinix]

i dont want to advertise those paths to users so am trying to come with a way to mask or hide it.

Which makes it sound like there isn't any kind of access control on those files. Which is a Bad Thing.

as noted above, the directory "test" is dynamically created for each user and so will change from one instance to the next.

You're actually creating a directory for each user? A real, physical directory on disk?

 

Given "http://mysite.com/test/r_dforsxBCDJQTV67.docx", what is the actual URL you want to use? Remember that it has to include enough information that you can find the file, so if the directory is important then you have to include the directory too.

[BuildMyWeb]

yes, a directory for each client.  i should probably just prepend the user_name to the filename.  is there a performance reason why not to create a lot of dirs?

 

i planned on using the dir named after the USER as a means of tracking down the proper file but i imagine we could extract it from the filename if we know the USER name comes immediately before a random 15-character string.