Accessing files outside directory root with slim and php
Question
Currently my file structure is as follows:
├── README.md
├── app
├── classes
├── composer.json
├── composer.lock
├── database
├── public
├── templates
├── users
└── vendor
Inside of the users folder I have folders that relate to the username of the logged in user, each with their own files and folders defined by the user.
The issue I'm encountering is that I am unable to download files inside the users directory. Currently, I have my code working by moving the users directory inside of the public directory but there are pretty obvious security flaws to this. How would I make it so my users directory is one level up from the root as shown here but still able to be accessed by the public directory?
I've already tried using RewriteRule users/ ../users/ but it does not seem to work. I'm able to access the users directory through PHP, just not my front-controller in the public folder.
This is my first "real" project using Slim so I'm very new to this whole front-controller/mvc type thing. Any help would be great, thanks!
1 answers
solution1
1 ACCPTED 2016-09-16 02:53:33
In your routing logic or controller you'd need to verify the user has access to said file, then most likely use PHP to serve the file since it isn't accessible in the web path.
In PHP, you can set the proper HTTP headers and use readfile() to serve files to the end user.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.