robbie shepherd
2006-Mar-01 05:40 UTC
[Rails] upload file above /public, authenticate before serving?
I have file uploads to the database and stored in a longblob working on our client extranet, except that it kills mysql/activeRecord on files bigger than about 200kb. (is there a reason for this - running mysql 5.0.18, lighttpd or webrick on winxp??) So I''m now thinking about whether its possible to do either: 1) upload a file into #rails_root/some_folder/ instead of /public/some_folder, store a reference to the file in the db instead and somehow serve it up to authenticated users or 2) upload the file into /public/folder but find a way of only serving up the files to authenticated users (I''m currently using login_system.rb to authenticate users) anyone have any ideas? I''m stumped... -- Posted via http://www.ruby-forum.com/.
Roberto Saccon
2006-Mar-01 15:46 UTC
[Rails] upload file above /public, authenticate before serving?
If you are using lighttpd, there is secure download mod, so you can store the files outside public and authenticated users can get a specially formatted url with limited lifetime, and the files gets served by the webserver. If you set the time low, you don''t have to worry about hot-linking. On 3/1/06, robbie shepherd <robbie.shepherd@gmail.com> wrote:> > I have file uploads to the database and stored in a longblob working on > our client extranet, except that it kills mysql/activeRecord on files > bigger than about 200kb. (is there a reason for this - running mysql > 5.0.18, lighttpd or webrick on winxp??) > > So I''m now thinking about whether its possible to do either: > > 1) upload a file into #rails_root/some_folder/ instead of > /public/some_folder, store a reference to the file in the db instead and > somehow serve it up to authenticated users > > or 2) upload the file into /public/folder but find a way of only serving > up the files to authenticated users (I''m currently using login_system.rb > to authenticate users) > > anyone have any ideas? I''m stumped... > > -- > Posted via http://www.ruby-forum.com/. > _______________________________________________ > Rails mailing list > Rails@lists.rubyonrails.org > http://lists.rubyonrails.org/mailman/listinfo/rails >-- Roberto Saccon - http://rsaccon.com -------------- next part -------------- An HTML attachment was scrubbed... URL: http://wrath.rubyonrails.org/pipermail/rails/attachments/20060301/4cf3848f/attachment.html