I want to update my app's database with dropbox.
It should download some files and db file located in specific folder in my Dropbox account.
The algorithm is something like this:
1. App makes request to shared folder and downloads db by specified name(like myapp.db)
2. App reads db, get list of file to download and looking for them in shared folder
3. App downloads this files from shared folder
Is it possible? I don't want to show any authentication requests to user, and actually user can't be authenticated since he just get access to shared folder in my account.
Can I do this with Dropbox API?
platform is os x
You don't need to use the Dropbox API to do this. Just put the public URL for myapp.db into the app, and in myapp.db put all the URLs of the files. Then you're not even tied to Dropbox, since all you need is public URLs. Note that Dropbox has bandwidth limits, so if this is a heavily-used app, you might want to put these on a more appropriate host like S3. Using direct URLs gives you the flexibility to change hosts in the future.
Related
I am doing a project using Laravel. Now, I have to store customers, users etc images both in the database and application folder. There are two ways to store images or files in laravel application.
Inside public folder I can store.
Another one is, inside storage/app/public
From these two ways, what should be better to do this. Would someone suggest me please?
Thanks in advance.
There's not an enormous difference, but in general, it's better to put things in storage/app/public.
This allows you to give Laravel write permissions to the storage folder, while leaving its permissions on public as read-only. This is a bit more secure.
Generally, if your files need to be publicly available you it is recommended you use the laravel "Public Disk" which exposes yoursite.com/storage/ as a symbolic link to your_app/storage/app/public.
You can activate the public disk by running
php artisan storage:link
If files uploaded do not need to be directly accessed via the web, it is recommended that you use the "Local Driver" - these files are kept securely inside your_app/storage/app - one level up from the public folder and are not directly accessible by a web browser.
You are of course free to create any file structure in these directories as you need for your customers etc.
The Storage class helper is extremely useful.
I'm new in laravel
I have created a captcha.php file content-type image.
I'm not sure where is the best place to be stored securely. I google it and some people said put this file inside of resources folder
I dont think that you've realized that no single folder will be more secure than any other as once an attacker has compromised your computer they will be free to roam through your folders. Also using file permissions that do not permit read access to the folder is a good strategy to prevent an attacker who has compromised a non root account from reading your captcha.php file. But then you would not be able to run said file as a user needs read and execute permissions on the file if you wish to actually run the script.
I have some forms that allow the user to upload files that only they can view so I will have to store them somewhere. However, I haven't been able to find any information about where these files would usually be stored if I want them to be kept on the local server. Therefore I have to assume that there is no convention for the permanent storage location of uploaded files. Am I correct in this assumption?
To be clear, I'm not talking about temporary storage locations.
Additionally, would it be a bad idea to have the storage location of all the files as a subfolder of the app directory (with gitignore enabled on it)? Or would it be a better idea to have it outside of the app folder? Thanks!
There is no explicit convention on where to store user uploaded files.
However Laravel ships with a storage directory where it stores framework related data such as cache, sessions, etc. As the name denotes it's a good place to store files, not just framework files. Also the Laravel Filesystem Documentation mentions that the default configured location is storage/app (but that can be changed to fit your needs):
When using the local driver, note that all file operations are relative to the root directory defined in your configuration file. By default, this value is set to the storage/app directory. Therefore, the following method would store a file in storage/app/file.txt: Storage::disk('local')->put('file.txt', 'Contents');
This storage/app folder will by default be ignored by Git.
If you also need the files to be publicly available, then you have two options:
1. Store them somewhere in the public directory.
2. Store them in the storage directory as suggested above and create a symbolic link to the folder from a public location. On Linux you can run this:
ln -s /path/to/laravel/public/files /path/to/laravel/storage/app/files
Of course the directory names can be whatever you like, I used files as an example.
The first option is for cases where you don't have shell access or are otherwise unable to create symbolic links. So if possible I suggest you use the second option.
Laravel uploads to the temporary file path, then you will have to move the file:
$request->file('photo')->move($destinationPath);
This method will move the file from its temporary upload location (as determined by your PHP configuration) to a more permanent destination of your choosing.
SOURCE: https://laravel.com/docs/master/requests#files
I have a Laravel 5 project in which I am uploading files in database in Medium Blob format.
But uploading files in database takes some extra time to execute.
Uploading files in database is a secured way to keep files safe from crawlers or some bots.
I have tried to Upload files to the Public folder. But the crawlers can open these files.
Is there any possible way to upload files in the file system?
So that the Crawlers cannot open these files.
I want these files to be Secured
you can upload them outside of the public scope. For example, storage/ folder is a good place. Also, you can grab them using the file system manager. Take a look:
$image = \Storage::get('file.jpg');
Edit
A correct laravel installation just allow the content of public/ to be accesible via web browser. If other directories as storage/ or resources/ are public too, then you installation is really incorrect.
Said that, once you upload the files in storage/ folder nobody can access them except by you using the \Storage facade. When you call for example \Storage::get('file.jpg'); it returns an stream of bits that you can allocate them in a temporary folder and then display it in the webside. Once the request has finished, the image will disappear again from public domain.
No need to change the directory this can be achieved by two ways
LazyOne Answer using .htaccess
AND
Using robots.txt
I will suggest to implement both .htaccess and robots.txt as some cheap crawlers ignore robots.txt but they can't ignore .htaccess
You can follow this method
image-accessibility-for-authenticated-users-only
As this only allows authorized uses to view image
I am developing a web application for my client using Code Igniter and i need to hide and secure some ZIP, JPG and PDF files on server so that they are not accessible by non users. Only people who are logged in and are the owners of Files can access the files. This is very similar to secure file sharing websites.
it is very similar to any paid file sharing site like only people who paid for files can download files. In my case only those who have uploaded and who shared the files with other can download files.
Please tell me how can i do this..
Thanks
Sajid
One method is to keep the files above the web root (so not publicly accessible) and have the link to them point to a function that will check if logged in (or other parameters you want) and if everything is OK, then serve the file(s).