I've got to read and serve a lot of resources (images and files) and I want to hide real path where resources are stored. What is the best way to do it with symfony 2.x?
If you want to abstract from the filesystem you could use KnpGaufretteBundle. Gaufrette is a PHP library that abstracts the filesystem. That is, you can access resources no matter where they are stored (e.g., the local filesystem, a FTP server, Amazon S3, Dropbox, etc).
However, Gaufrette does not abstract the path (you set up a kind of base directory for the filesystem) and you would use a path relative to this base directory. Consider the following code that abstracts the local filesystem:
<?php
use Gaufrette\Filesystem;
use Gaufrette\Adapter\Local as LocalAdapter;
$adapter = new LocalAdapter('/var/media');
$filesystem = new Filesystem($adapter):
$content = $filesystem->read('myFile.txt');
$content = 'Hello I am the new content';
$filesystem->write('myFile.txt', $content);
In this example you would read and write the file /var/media/myFile.txt.
If you want to further abstract the filesystem, you could create a service that has a map of files and its aliases. For example, you could read a list of these file/alias pairs from a YAML configuration file. You can then get the real filename by using some kind of getter with the alias as parameter.
Related
I have XML files in a publicly accessible directory. I want to restrict them to accessible only to logged in users. So when I go to http://example.com/web/file.xml only AUTHENTICATED members can access the file. I'm using PHP & Symfony2.
Files in web are all public so don't put it into that folder.
You can create a folder into Ressources and put your xml into it.
Then create an action witch read and display your file. In this way you will be able to secure your action.
For exemple you can access as http://monsite.com/xml/get
How to secure : http://symfony.com/doc/current/cookbook/security/securing_services.html
I solve the problem with this
$filename = $this->get('kernel')->locateResource("#SomeBundle/Resources/folder/file.xml");
(Accessing Files Relative to Bundle in Symfony2)
My ASP.NET Web API service dynamically generates files for users to download.
The remote application sends a request to the API which:
Generates the file and saves it ----> where?? <-----
Returns the URL of the file location so it can be downloaded.
Nothing fancy there, but my question is what are the best practices for where to save these files?
Some digging around suggests that App_Data might be the appropriate place but I haven't seen anything definitive.
Some considerations:
This all happens on a company intranet so security isn't really a big deal.
The files are essentially temporary. Is there a simple way to delete the file once it's downloaded? Not a big deal - I can set up a scheduled task to clean out whatever the destination folder is.
Thanks!
You can write to any location your application stores data in.
I recommend using the system Temp directory, that's what it's there for (System.IO.Path.GetTempPath()) or if your have write access, a subdirectory of your application:
String path = Server.MapPath("~/Temp");
if( !Directory.Exists( path ) ) Directory.CreateDirectory( path );
using(FileStream fs = File.OpenWrite( Path.Combine( path, "TempFileName.dat" ) )) {
fs.Write( new Byte[1024] );
}
If you have access to your web server, you could also create a virtual directory under your web application and configure it to point to whatever file location you want. Then you can have your application save the files into that virtual directory using System.IO. That's what I've done in the past.
Assume I want to write to a new file created within the space of my webapp.
One way would be use getServletContext().getRealPath("/") and use that String to create a new file on the server. However, often I come across advice like not using getServletContext().getRealPath("/").
Can someone please let me know of another way to write a new file within my webapp?
Many thanks.
Have some configuration property containing the absolute path of a directory outside of the webapp and web server path, read this path from the configuration property, and write to this directory.
To serve files from this directory, write a servlet that takes the name or ID of this file as parameter, reads the file from the directory, and sends its content to the response.
This will
work even if the app is deployed as a war file and never unzipped to the file system
allow you to redeploy the next version of the app or server without deleting all the uploaded/created files
allow you to add whatever control you want on the uploaded/created files, instead of making them available to everyone
In short, treat these files as data, stored in a database which happens to be the file system instead of a SQL database.
I have a Symfony2 bundle which contains some wsdl files in Resources directory. It forces me to define some additional entries in config file like:
parameters.fx_wsdl = '../vendor/project-name/bundleName-bundle/vendorName/xxxBundle/Resources/confid/ws/fx.wsdl'
yeach, as you see it looks ugly. Is there a way to define it as:
parameters.fx_wsdl = 'VendorNameBundleNameBundle/Resources/confid/ws/fx.wsdl'
any object which can translate VendorNameBundleNameBundle into ../vendor/project-name/bundleName-bundle/vendorName/xxxBundle automatically
I have a Symfony2 project with user management (FOsUserbundle & Sonata bundles). In some case of my application, i need to create files for users, and i want to store them. The files might be big so i exclude storing them in sessions/local storage.
First question :
Is there a symfony2 pattern to handle user generated files and storage ?
Where does these files should be placed ? Which directory ?
Second question :
I have a big file that my app need to use. Users shouldn't have access to this file but mainly my app controllers have to. What is the best secured way to store this file and restrain access ?
First Question:
depending on the number of files each user has, I would use some kind of naming convention. e.g. temp/[username]/file1.dat or temp/[username].dat
You can implement this strategy by following the symfony2 cookbock for file uploads on entities and check the function:
public function preUpload()
{
if (null !== $this->file) {
// do whatever you want to generate a unique name
$this->path = uniqid().'.'.$this->file->guessExtension();
}
}
Here is the filename generated, and you can easily set the username instead of some random "uniqueid()".
Second Question
Securing files is in my opinion best implemented via a folder that is not accesible through the web.
For example if you have the following structure:
myproject
app
src
vendor
web <-- your domain points to this folder
save_files
then you can store your files in the save_folder that it is not accesible via direct web access. In your application / controller you can access it via the filesystem or use some abstraction like the KnpGaufretteBundle