zero_ZX Posted August 11, 2010 Share Posted August 11, 2010 Hi, I have a script where employees of a company can upload invoices to their clients. This is done via a simple upload form. My question is, What would be most secure way to do this? How should i upload files, should i make different directories for each customer, or should i have one huge, where file names will be random or, what would you do? Quote Link to comment Share on other sites More sharing options...
Exabyte Posted August 11, 2010 Share Posted August 11, 2010 protect the upload folder with a htaccess file and only serve the files through a php script. Quote Link to comment Share on other sites More sharing options...
zero_ZX Posted August 11, 2010 Author Share Posted August 11, 2010 Htaccess so users cannot access files directly but only if they download from a link or..? Quote Link to comment Share on other sites More sharing options...
Exabyte Posted August 11, 2010 Share Posted August 11, 2010 right, have a php file send the invoice file to the user Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.