0

I'm working on WIN on IIS.

l'd like to manage some files (image/video) that can be uploaded and viewed only by users who have the permissions

I read (correct me if is wrong) that storing large files in a mysql db is inadvisable so I decided to store them in a folder and allow access to them only to users after php authorization

I'm not sure to how do that in a secure way, can you help me? Thanks

EDIT

path/   siteroot/   index.php
path/   files

I'd like that in folder "files" all users have writing permissions, but only the owner and his "friends" can read files written

Michele
  • 31
  • 6
  • store outside webroot- server via file after checking permissions –  Mar 08 '16 at 00:38
  • Is what i thought, but I have to give write permissions to that folder ? – Michele Mar 08 '16 at 00:42
  • 1
    IMHO this question could be better served at (Security)[http://security.stackexchange.com/] or (Programming)[http://programmers.stackexchange.com/] as this seems to be more of a design than a code question. – R4PH43L Mar 08 '16 at 00:43
  • How secure do you want it? You can just store it on a folder on your hard drive, or you may need to do some AES encryption. It all depends. – Gediminas Masaitis Mar 08 '16 at 00:43
  • only privacy , like social networks do – Michele Mar 08 '16 at 00:59

0 Answers0