Re: Design question!, uploading documents to webserver
- From: "Paul Shapiro" <paul@xxxxxxxxxxxxxxxxxxxxxxx>
- Date: Mon, 24 Nov 2008 07:23:58 -0500
Storing pdf's in the db doesn't seem to resolve the security issue, since it leaves all access through your web application, and the web application has to handle the security. If the app is doing that anyway, you could store the docs in a folder that no user has access to, and let the app provide the docs on request. Then the app can do the same security controls it would have done with the docs in the db.
"Jeff" <it_consultant1@xxxxxxxxxxxxxxxxxx> wrote in message news:Oi1KJ2hTJHA.5920@xxxxxxxxxxxxxxxxxxxxxxx
Hi
asp.net 2.0
I'm developing a webportal, where admins will upload documents related to users of the website.
Each document will be unique for each user. A user can have from 0 to many documents.
An user only have access to his documents.
Documents will be in .pdf format.
Documents will not be stored in database (sqlserve2005) but instead uploaded to a folder on the webserver. So I'm thinking should I create a folder for each user on the webserver (make some logic that create folder, permission problem at creating folder?) or modify document name to also hold the id of the user, which I guess is a potential pitfall....
any suggestons? maybe there are better wasys of doing this? Upload to the database instead (possible with pdf)? I guess changing the logic to save file in the db is better, though not sure how to view a .pdf file stored in the database (I know how to view images stored in database, so I guess the procedure is the same for pdf also)
any suggestions?
.
- References:
- Prev by Date: جندي بريطاني ... يتحول الى امرأة بعد رجوعه من العراق !!! بالصور
- Next by Date: Re: objectdatasource filter.
- Previous by thread: Design question!, uploading documents to webserver
- Next by thread: Re: Design question!, uploading documents to webserver
- Index(es):
Relevant Pages
|
