Hello All,
I have been lurking here for the past couple of weeks and learning a bunch, thank you for all of your posts, just listening to you guys is great. We are developing a web based file management interface for collaboration and security. - Login script - Add three levels of security - Admin - Allows editing of files with file locking - User Specific can view some of the files, not all... - Guest - can only view a few files. - Add / Remove users and permissions to view / edit... - Add / Remove files with file description / size and type We are using PHP and MySQL for this, however, I am concerned about the security of some of the more sensitive files. We would like to have them simply in an HTACCESS protected folder, however, we want to use PHP to add and remove the users through a web interface, we don't want people to just be able to type in the URL of the file and get it again, for two reasons, 1. General Privacy 2. Maybe someone has it checked out and editing it. I have read the post about containing images within a MySQL database. Should we store the files inside the DB, using the posted method of storing an image, and relying on MySQL inherent security, the HTACCESS method or does anyone have a better suggestion? Patrick Egan Egan Consulting 15 Elvina Gardens Toronto, Ontario M4P 1X7 T] 416 630 4982 F] 416 488 7187 C] 416 726 4832 Pager] 416 377 9031 E] [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]> W] www.eganconsulting.com <http://www.eganconsulting.com> --------------------------------------------------------------------- Before posting, please check: http://www.mysql.com/manual.php (the manual) http://lists.mysql.com/ (the list archive) To request this thread, e-mail <[EMAIL PROTECTED]> To unsubscribe, e-mail <[EMAIL PROTECTED]> Trouble unsubscribing? Try: http://lists.mysql.com/php/unsubscribe.php
