0

I am not sure exactly where to post this, sorry if this is in the wrong section.

Anyways, here goes.

I have developed a website where I want users to be able to securely login, and view content specific to them. This content can be like text-based messages, MS Word files, PDF files etc.

Now my site is arranged as a bunch of folders, with an index.htm file in each. Login is done using a php script. After a successful login, user is sent to an 'index.php' page.

Firstly, I don't know where to place the secure content, or if I put it in a folder how to lock access to it. Obviously I don't want anyone to use a browser to just get to this folder and download whatever they like.

Secondly, for each user how do I maintain a separate database - which contains the information about documents specific to that user. Surely, mysql cannot handle files in its db capabalities?

Hope this was clear enough.

Thanks.

2
Contributors
2
Replies
3
Views
5 Years
Discussion Span
Last Post by sarovarc
0

You don't need a separate database for each user!
You have a table within your database that lists the document owner/user and the filename and path, and anything else relevant to the document if necessary. (Also MySQL CAN store files, images etc, it is just not recommended as good practise by anyone.)

Edited by drjohn: n/a

0

Thanks for the information, unfortunately it raises some more questions in my head!

My main database - has a table inside it which contains information about users who have site access.

Now for each user - as they are registered for site access - should I create a new table within the main database specific to the user - or just one table which contains information about file paths and owner?

Secondly, over time a user may own 100s of documents on the server. There is no way of knowing how many documents might belong to a user. In that case, how do I set the size of this table or preset the number of columns in it? I am assuming that each column contains file path to 1 file.

Also where should I put these documents? If I place them in a folder on the server, how do I restrict access to this folder. I mean anyone with a knowledge of where these files are placed, can simply access it through a url, or am I wrong about this.

Thanks again. Happy New Year :)

This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.