well, my ideia is this: i

joaocarmopereira — Wed, 05 Nov 2008 22:26:05 +0000

well, my ideia is this:

i never show the user the path of the file. (is this possible?)

when a user logs in, i create a session id (among hash in the process).

i've been thinking about the function to parse the download file.

it verifies:

1. the user of the specified area is log in?
2. the user session id is valid?
3. the file is there?

if this is all true, then it outputs the file from a download file dialog box.

Adding some extra security

decibel.places — Tue, 28 Oct 2008 15:42:38 +0000

Adding some extra security by obscurity couldn't hurt.

I agree that user validation is necessary - but if someone figures out how to hack that, the obscurity is another level of protection.

That's the phrase I couldn't

pr0gr4mm3r — Tue, 28 Oct 2008 14:10:35 +0000

That's the phrase I couldn't remember. I know it was o-b something, but I couldn't remember the word for the life of me.

Security by hiding the

JeevesBond — Tue, 28 Oct 2008 08:21:07 +0000

Security by hiding the username is a form of security by obscurity and generally doesn't work.

Just wanted to point that out, it's an interesting subject.

(I once went to a

pr0gr4mm3r — Tue, 28 Oct 2008 03:59:00 +0000

(I once went to a colleague's web site, password protected... guess what the log in was? uname: admin pw: admin -- funny thing is, even after I told him it was a security risk, he didn't change it...)

True, the one biggest security risk is...the user.

I was commenting

decibel.places — Tue, 28 Oct 2008 03:25:21 +0000

I was commenting specifically on the OP's sample URL

It's critical to use verification for access

It doesn't hurt to avoid the obvious-

(I once went to a colleague's web site, password protected... guess what the log in was? uname: admin pw: admin -- funny thing is, even after I told him it was a security risk, he didn't change it...)

Because, especially if

pr0gr4mm3r — Tue, 28 Oct 2008 02:08:19 +0000

Because, especially if security is a concern, if a user knows the structure of the url for her/his own files, and discovers the usernames of other users, bingo, you've got a leak.

But that's why you verify the user's session before you pass the file. If you write a PHP script that's like a download manager, you can check to make sure the permissions are verified.

Random hard-to-guess names != security. Protect them instead.

Why not? Because, especially

decibel.places — Mon, 27 Oct 2008 23:52:40 +0000

Why not?

Because, especially if security is a concern, if a user knows the structure of the url for her/his own files, and discovers the usernames of other users, bingo, you've got a leak.

For that reason, on a ratings site I work on, the images are assigned a pseudo-random filename associated with the user in the db when they are uploaded, so that they are really only viewable in the site...

DO NOT use an obvious

pr0gr4mm3r — Mon, 27 Oct 2008 23:30:51 +0000

DO NOT use an obvious structure like the username in the URL - assign a pseudo-random id to the user (you can cross ref them in your db).

Why not?

How do I prevent other users

decibel.places — Mon, 27 Oct 2008 23:22:52 +0000

How do I prevent other users to download files from each area? (using direct links like http://www.website.com/users/user_a/file.mp3 )

DO NOT use an obvious structure like the username in the URL - assign a pseudo-random id to the user (you can cross ref them in your db).

You're basically talking about ACL issues, there are some resources in this Google search

You can also use a platform with fine-grained permissions like Drupal to manage your site's content and users.