Page 1 of 1

How to save uploaded files

Posted: Sat Sep 13, 2008 11:23 am
by yacahuma
I am writing an application that not only generate files but also alllow to upload files.
I usually create a folder outside the webroot and stream the files. BUT, is it the same
if I use a folder web accessible but password protected??

What about security risk between the two choices?

/system/htdocs/mysite/uploads([password protected)
vs
/system/uploads


Thank you

Re: How to save uploaded files

Posted: Sat Sep 13, 2008 2:42 pm
by panic!
system/uploads will be inherently more secure.

Re: How to save uploaded files

Posted: Sat Sep 13, 2008 4:33 pm
by yacahuma
Thank you.

I found this too
"You should not use this password protection facility for anything serious, like guarding your customer's data, credit card information or any other valuable information. It is basically only good for things like keeping out search engine bots and casual visitors. Remember, your data isn't even encrypted in the directory with this method."