Proper way to upload files and display them safely later

Hi everybody, what’s the proper way of uploading and displaying files, i.e. not placing and storing them in uploads folder?

I would say it depends on what you do with your uploaded files to find a “proper way”.

  • Do you want to reference them with other content on your website?
  • Are you providing downloadable files to other users?
  • Are all uploaded files public?
  • Do you only upload images or other files like PDFs, text, movies etc. as well?

As a start you can try out GitHub - brandcom/cakephp-assets: Backend Asset Management for CakePHP and see if it provides you with some basic functionality you desire.

For public files I have no problem with a static folder in the webroot folder which I reference throughout my code via 1 config value like Files.profile_picture_path so I don’t need an extra table which holds all my assets.

But again, it all depends on what you want to do.

Thank you for your answer @KevinPfeifer. My site is a site that collects various personal certificates in pdf format. I would like to allow only signed users to download data.

My idea is to e.g. store data in a folder like e.g. resources and to copy to file to webroot folder just for a short period of time when it should be available for download.

Nevertheless I believe that there is surely a better way how to perform this in cakephp.

You can easily make files downloadable which are NOT part of the webroot folder.
Try doing this at the top of any of your index() actions inside your controller

return $this->response->withFile(APP . 'Application.php');

and call that URL
You will recieve the Application.php as a downloadable file from your src directory.

Once more thank you very much for your hint. Based on what you wrote I just read few lines in cookbook here Request & Response Objects - 4.x and everything works as it should now. And I even learned something new. Once more thank you @KevinPfeifer !