Re: Files and permission

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Wed, April 26, 2006 11:18 pm, Peter Lauri wrote:
> Should I put the files outside of the web file system (outside of
> httpdocs)
> so that they can not get the file thru the web browser?

Yes.

> Or should I save the docs in a database instead and control the access
> thru
> that?

I would only put data into the database that you actually want to
search, sort, and compute statistics on.

So unless you plan on letting them search for Word docs based on
whether or not the control codes internal to the Word format are in
there based on some Regular Expression, I wouldn't cram the Word docs
into the database.

It just seems "clutterd" to me to have data in the database that
doesn't actually have any database operations done on it.

It also may add another thin security layer (defense in depth) to not
have the documents available in the database, in case the database is
penetrated.  [This kinda depends, though, on whether you have other
users with shell access and/or MySQL access...]

The Operating System File System is also generally more efficient for
handling these "large" files, so that's a small plus for outside the
db.

-- 
Like Music?
http://l-i-e.com/artists.htm

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php


[Index of Archives]     [PHP Home]     [Apache Users]     [PHP on Windows]     [Kernel Newbies]     [PHP Install]     [PHP Classes]     [Pear]     [Postgresql]     [Postgresql PHP]     [PHP on Windows]     [PHP Database Programming]     [PHP SOAP]

  Powered by Linux