I'm working on a College Application project.
I want to ask how to download the files that previously uploaded by user.
Here's the clear view :
User will upload the files.
Controller will handle the request and save the name of the files into database.
How admin can download the file ???
I try to access the localhost/system/files/upload.doc but doesn't got any luck.
Consider using Media views: http://book.cakephp.org/1.3/view/1094/Media-Views
These will allow you to go to a path and load the database information about the file and then present the file with necessary download headers to the user.
yes use media views. They are the best way to keep your files from being publically accessible. So an admin can be "Served" the file and others can not get to them .
You can rename the file and things like that as you serve it to the user as well. Very nice feature of cake.
Related
I have an AngularJS app that, upon requested to upload an image, creates a folder inside the file system (CentOS) and then puts that image there, telling the user everything went OK or not.
Is this possible? All I've found is ways to download the file.
Thanks.
It is better to delegate this task to a service on the server, since it is file that is uploading to a server. I put simple rest service to file upload this file to the server.
I am using ng-file-upload library to post files to my back end Web Api. Once the file is posted I save it to the following folder
"~/App_Data/Tmp/FileUploads/"
and also save the path to my database.
Now when I go on edit mode; I want to get a preview of all uploaded files (photos). But when I use something like
ng-src="path"
I get
"Not allowed to load local resource"
is this the right approach, when serving files from disk?
That path is a server path and not a client path so for sure that won't work.
You need to have an endpoint on your server to allow downloading those files with id or name/path and then set the src of the img to that url.
The implementation download endpoint depends on your backend technology.
If in your edit mode you still have access to the file object that use has just selected then you can do:
<img ngf-src="file">
I'm thinking about moving one of my clients mysql db to Rackspace could databases. Application is using Cakephp.. I would like to know if someone has experience doing so or will this work just by editing host/user/pass in the database.php file?
I havn't done so but Rackspace has a tutorial about doing so :
http://www.rackspace.com/knowledge_center/article/installing-cakephp-on-cloud-sites
It seems pretty simple, so you should not have any problems
Steps for cake
Locate the .htaccess file in the content directory. After "RewriteEngine on", add a new line with "RewriteBase /" to the .htaccess file and save the file back to the site. You will need to repeat this step for the rewrite rules in the .htaccess files in the app and app/webroot directories.
Load the site in your browser. You will notice several warnings concerning the installation. The first warning will be the following: Notice (1024): Please change the value of Security.salt in app/config/core.php to a salt value specific to your application [CORE/cake/libs/debugger.php, line 556].
Open app/config/core.php file and search for Security.salt. Change its value to whatever characters or string you would like, then save and close the file.
In the app/config/directory in FTP, rename the database.php.default file to be database.php.
Open app/config/database.php and scroll down to the bottom of the page to find the database connection information. Enter your database host name, user name, password and hostname, then save and close the file.
Reload your site in your browser.
We have made a silverlight application where users can preview audio files from their browser from the telerik radmediaplayer control.
The files are on a webserver and anyone who sniffs the trafic can download the file.
We would like to prevent non-logged-in users from accessing/downloading these files.
Besides providing the application with some sort of temporary valid url and implementing a custom httphandler... what are our options?
It's not too big of a problem if our customers can download the files, we just don't want the rest of the world to also have access.
Any ideas would be more than welcome!
[Update]
The only thing I can come up with is:
host the files in a non-public folder
if a user requests to prelisten a file, copy it to a public folder under a new name ([guid].mp3) and return it's url
every x minutes clean the public folder.
Don't let the web server serve up the files straight out of a directory. Put part of your application in front, and left one of your server-side scripts serve up these files. Keep the raw audio files out of the web root.
For instance, your client-side application would access files like so:
http://someserver/yourscript?audio_asset_id=12345
The code at yourscript would verify the session data, ensuring that a user is logged in, would then go figure out the real path to asset ID 12345, and echo its contents to the client. Don't forget to include the proper Content-Type header as well.
Once the accessing of these assets is under your control, you can implement whatever security measures you like. If your sessions area already pretty well safe-guarded, this should be fine. I would also recommend implementing sane quotas. If you get 100 requests on an asset using the same session ID from multiple IP addresses... something isn't right.
I'm looking for a CakePHP best practice to serve folders/files to clients after they are authentificated. I know it's simpler to use a .htpasswd/.htaccess based solution but i wonder for a better way.
What is it for?
I want to create a client-area where authenticated clients can see contents of there private folder(s). E.g. to test some static html templates before CMS Integration or upload some documents like commented screenshots or pdf files.
A usecase could be:
Create a new client (only by admin)
Generate Login credentials for different user of the same client
Create a new client folder (only by admin)
Upload some static html to the client folder
After login the client can access the folder and view the html
After logout access to the static files is restricted
Any suggestions?
Do you know about CakePHP's "Media Views"? I think that you might be able to do what you want with them.
quick & dirty example...
public function serve($filename = null) {
if($filename && $this->Auth->user()) {
$this->viewClass = 'Media';
$params = array(
'id' => $filename, // full filename
'name' => 'example',
'download' => FALSE, // true, then you get a download box
'extension' => get_the_file_extension($filename),
'path' => APP . 'outside_webroot_dir' . DS
);
$this->set($params);
} else {
// redirect to login or something
}
}
I think the easiest way is to use a database structure for this.
The files are stored on the server anyway, where does not matter.
This is how you do:
Create a table in the database called DataFile (due "File" causes problems with the Cake "File" class). Fields should be something like: id, data_folder_id, name, size, mime_type etc. Use what fits your needs.
Create a table in the database call DataFileFolder. Fields here: id, parent_id, name, visible. Same as above, whatever fits your needs.
Create an association key in the client table or a whole assocation table if needed. (For example: one client and 50 folders in different places). Be aware of the assocation you create. If you use Client->DataFolder the client has automatically access to all files within that folder.
Bake models and a FileController with an index frontend method and admin actions as well as views.
Optimize admin methods for creating either a file or a folder record.
The index method for the frontend has one parameter which represents the folder id. You output each an every folder and file in the folder starting with the first the user is allowed to access. You could also just ouput a list of folders the user is allowed to access in case these folders are on different levels of the new "file manager". You have to check permission on each an every new page call for the given folder id. But that's clear, i think.
Implement a download method for the files based on the media view mentioned above. This should be it.
I think this is the best and easiest way to control the access for such folders.
Due there are some limitations if it is not your server by post_max_size etc. you should maybe think about an external script (or write it on your own if you have the time ;)) to load those file over ftp.
You could also think about a folder accessible on your ftp to upload files. In the "new file" dialog in backend this folder will be outputted and you can include the file into the system by just copying it (via PHP of course). Advantage: only one upload (though it only be two if you are using the ftp upload method mentioned before this).
If you are just into sharing files with clients and those clients are not going to have access on anything else based in your cakephp project just use ftp with a folder for each client. Faster and easier to handle because you can send them urls like "ftp://username:password#yourserver.com" and done. They are logged in, they can view the html files due they are accessing the ftp via the browser and it should be noob safe.
Hope anything of this will feed your needs :)
Greetings
func0der