Cgi-bin folder inside htdocs folder

I am building an online document management system for a client, and basically the documents are very sensitive.

So wondered if I was able to upload these pdf’s to the cgi-bin folder for storage and then use php to echo the documents out when they are called upon by the user of the sytem.

I dont want the pdf’s accesssible through the browse.

You could have a go at saving the files above root but I do not know how many files you can save there.

That was the idea originally, but I just rang the host up asking why I couldnt see any folders above root level, so whilst i was on the phone with him i asked him to set up a folder called private above the root level, which is said he did but i still cant see it, very annoying.

So then I saw the cgi-bin folder and thought hang on that would be good enough as long as it worked.

I just tried it too by putting a pdf in there and going through the browser to it via the cgi-bin folder and it didnt work, so wanted to check that it is a correct method for something i want to do

That’s strange as on the shared hosting I have I can see folders above the root.

You say in your first post “I dont want the pdf’s accesssible through the browse.” and in your second post you say “I just tried it too by putting a pdf in there and going through the browser to it via the cgi-bin folder and it didnt work”
How were you going to save and access the files?

You probably have more options through a VPS and I know there is some software to setup a cloud on your own VPS now.

Ye sorry when i said it didnt work, I meant that in a positive way, as in I wasnt able to access the pdf’s through the browser, so it did work, sorry.

To access them I think there a way of drawing the pdf out of the server abd echo’ing it out on the page, again Im not 100% sure on it, but have read something similar somewhere.

I have seen folders above the root level before too, but for some reason I cant see them with this host, so thats what gave me the bright idea about using the cgi-bin folder

Well from a semantic view point the cgi-bin directory is not the place to user uploaded files. Having said that it is just a directory at the end of the day. You are correct in storing the files outside the site root and regulating access through a PHP script which serves up the files if the requested user has the proper permissions. Though you are going to need an authentication and authorization system to go along with that if you don’t already have a user management system in place. I’m surprised your host doesn’t allow you access to the directory above the site root. Every shared server I’ve ever used had the web root as a secondary level directory.

Ah right, will have to look into the need an authentication and authorization system you speak about then.

I will go ahead and upload the pdf’s into the cgi-bin folder and try and work out a way of getting them out.

If you know of a tutorial, Id be very grateful, as it sounds quite a job.

This is the reason many of us lazy programmers use frameworks rather than rolling our own code/frameworks. If you were to use something like Zend, Symfony, Laravel, etc the functionality would be increasingly easier to add to an existing site. Having to role your own code though is a tough and tedious order for something that is really so basic and integrated partially into just about every modern open source PHP framework. Even though you might think some of those frameworks are a overkill chances are that as a project matures those frameworks will look increasingly more desirable. So it is better from the get go starting out with one such as Symfony rather than realizing later that you will need to rewrite basic functionality such as a user management system instead of leaning on a tried and true platform. Live and learn though.