This repository has been archived by the owner on May 25, 2023. It is now read-only.
-
-
Notifications
You must be signed in to change notification settings - Fork 7.9k
PHP user directories
blueimp edited this page Oct 16, 2012
·
5 revisions
Since version 5.17 the PHP Upload Handler supports user directories out of the box. This can be enabled by setting the option user_dirs to true (in index.php):
<?php
// ...
$upload_handler = new UploadHandler(array(
'user_dirs' => true
));
By default, the upload handler makes use of session IDs for the user directories.
To provide your own implementation, you can override the get_user_id method:
<?php
require('upload.class.php');
class CustomUploadHandler extends UploadHandler {
protected get_user_id() {
@session_start();
return session_id();
}
}
$upload_handler = new CustomUploadHandler(array(
'user_dirs' => true
));
PHP session IDs are generally not guessable. However, for added security it is possible to provide file downloads only via PHP. To do so, the option download_via_php can be set to true:
<?php
// ...
$upload_handler = new UploadHandler(array(
'download_via_php' => true
));
Next, the files directory can be protected via .htaccess (by uncommenting the following lines):
AuthName "Authorization required"
AuthType Basic
require valid-user