Additional log and notification, more control on file access through PHP #64
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…access through .htaccess
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Hi,
first of all I would like to thank you!
I was using encode-explorer already quite a bit with a few changes - and now due to updating I felt it might be worth sharing what I did.
Regarding the .htaccess:
While I didn't want to have an additional file in the project, I had problems displaying the Lines in the Readme.
I think it would be nice to have also an example for an nginx like configuration.
Explanation for the Download on the right side:
I had to provide a lot of images and because it wasn't me who had to work with, I wanted to ease the job for the one who had to. (And no, packaging all pictures for one simple download wasn't an option :P)
Explanation regarding the php processed download:
with the php processed download your script has to provide the data, this way you can fully log and permit/deny access to the files, but the provider has to setup rules through htaccess or otherwise configs.
Problem as noted could be a php timeout, but it didn't happen to me yet.
Probably it would be better providing this functionality with an additional option, but on the other hand if a login is required, and you provide rules to protect your files, there shouldn't be a way around.
Edit: I fixed some security mistakes caused by php processed downloads (like going directories upwards or access to hidden files/directories