im fairly new to laravel and im currently working on a project that needs to store files in the server. What im doing is store it under public/docs the problem is the files under that directory is accessible all the time given that they know the url to the certain file. for example even if they are logged out if they know this url http://localhost/dummy/public/uploads/docs/2016-06-02-10-52-43-oth-content-inventory-and-planning-spreadsheet.pdf they would be able to access it what im thinking is to do something like this
in my routes i would do something like
Route::any('uploads/docs/' , 'go to some controller to check if user can acces');
is this possible? thanks in advance!
it's called public for a reason...
you should use storage instead (laravel 5) in storage you dont restrict access, actualy the opposite, you grant access to the file .
try this for laravel 4.2 (move the file after upload like this to a storage folder)
Input::file('file')->move(__DIR__.'/storage/',Input::file('file')->getClientOriginalName());
});
Anyway ,the conclusion is that you can't restrict access (you shouldn't even if there is a way) because it's meant to be public ! so you should use storage folder(or whatever its called in laravel 4)
Related
In a Laravel project in the folder app/mail there is a file called WelcomeDogSchoolManager.php
In this file I can see the text that is being sent when a new user registers himself.
Within this file, I can see the following code:
#component('mail::button', ['url' => $passwordResetUrl])
Registreren
#endcomponent
Unfortunately, the developer left a mistake in the $passwordResetUrl (leaving it at "https://login..{domain}.nl" instead of the required "https://login.{domain}.nl"
This causes all my users being unable to register (unless they manipulate the URL).
Where in the Laravel Project can I search for the option to change the $passwordResetUrl?
I have no working knowledge of Laravel and am basically just searching through all the files on the server using Filezilla, trying to figure it all out. I got to this point, but have no idea how to proceed further.
Any tips are appreciated!
if your're using Laravel version lower then 6 then search for forget controller. It's basically inside that folder because email is triggered from that controller. Hopefully, you'll find the parameter which is passing to the WelcomeDogSchoolManager class.
I am new in Laravel and want to know such problem
I am running an web application on several server using Laravel.
But I have encountered with an issue.
When there is modification for the project, I need to sync with git on several servers.
But it has different settings for each server (eg: DB name, DB password...)
I have set it manually because I couldn't use .env or configuration file since the file is just pure php file.
The issue I want to solve is how can I get Laravel configuration data from pure PHP file(not controller or whatever).
It will be thankful if someone teach me solution.
You asked:
how can I get Laravel configuration data from pure PHP file
The answer would be this:
You just make some file in config/ folder of laravel app (or use the existing file like config/app.php)
You make an array of your key value pairs
<?php
return [
'some_key' => 'some_value',
...
and you simply call it with this code where ever you need it:
config('config_file.key');
for example
config('app.name');
would give you Laravel by default.
Laravel 5.6 custom storage link/mount to other location on Windows OS
https://laravel.com/docs/5.6/filesystem#configuration
php artisan storage:link will point the
http://localhost/storage to c:/project/storage/app/public
means visit http://localhost/storage/image.jpg = c:/project/storage/app/public/image.jpg
but how to custom the uri link to other location ? eg..
http://localhost/ramdisk/image.jpg link to z:/ramdisk/image.jpg
or
http://localhost/avatar/image.jpg link to z:/avatar/image.jpg
First of all: why would you like to do that? The images you upload should be in /storage/app/... or in /public/images/... Other disks may be unavailable if putting the app on a server.
To clarify, the php artisan storage:link only creates a symlink in /public/ folder pointing to the app/public. (I think in 5.6 it has absolute path so on server or after moving the application you have to delete and generate it again.)
So if you really want to access disk z on your PC from the app you should create a symlink in /public/ folder with the desired name. For example:
http://localhost/ramdisk/... would be a symlink named ramdisk in the public folder and would point to z:/ramdisk/. Then you would be able to access the folder contents as you wish.
Of course you can have multiple symlinks so you would create another one for the avatar folder too. Also make sure that disk z has a public access.
I was not able to test it, but I am sure that it would work, however I would not recommend it. If you want to use something in your app it should be within the app. (Except S3 drivers like amazon cloud storage.) I hope it helped.
hi guys im pretty new in laravel 4.2 i have a project that stores file in the server and what i did based from the opinion of other people, when the user saves a file it goes to app/storage/uploads my problem is when i know the url to the file, it still have access to the file. for example it is a pdf file, it opens in the browser or if it is doc, xls, xlsx etc it triggers a download what i'm tying to do is when the user tries to access that url, it would go to a certain view informing them that the folder is restricted so far i have this on my routes
Route::get(storage_path().'uploads/{all?}' , 'sample#restrict');
then in my controller
public function restrict()
{
dd("WHOOOPS!"); //for trial purposes
}
any ideas what im doing wrong? thanks in advance
With normal configuration web server has access only to a public directory.
If you set public directory as root for a virtual host, noone will be able to access app or storage directories which are outside public.
I'm using GroceryCRUD to act as a front end for a database containing news releases. Secretaries can go in and add/edit/delete news releases in the database easily now. Only qualified users are able to access the application root via an .htaccess password. The problem with this is that GroceryCRUD uploads assets such as photos are uploaded to the directory /www/approot/assets/uploads/ which is password protected since /approot/ is protected.
My ideal solution would be to set an upload directory outside of the application root which is where I'm running into trouble. By default this is how GroceryCRUD handles uploads:
$this->grocery_crud->set_field_upload('photo1','assets/uploads/');
I've tried changing it to something like this:
$this->grocery_crud->set_field_upload('photo1','/public/assets/uploads/');
I was hoping this / would make the path start from the document root instead of the application root, but it throws this error:
PHP Fatal error: Uncaught exception 'Exception' with message 'It
seems that the folder "/Users/myusername/www/approot//public/assets/uploads/"
for the field name "photo1" doesn't exists.
This seems to suggest that CI or GroceryCRUD just takes the second argument in set_upload field and just concatenates it onto the end of the site URL that is defined. Is there any way around this that doesn't involve creating a user login system?
Try using relative path.
$this->grocery_crud->set_field_upload('photo1','../assets/uploads/');
.. -> Go up one directory
I ended up implementing a login system outlined in this tutorial:
http://net.tutsplus.com/tutorials/php/easy-authentication-with-codeigniter/
It was quite simple to set up and suits my needs. I found ways to give access to the directory using httpd.conf directives but I feel like this was a more viable solution since I don't have direct access to server configuration files.
Maybe in the future GroceryCRUD will allow placement of uploads outside the application folder.