My customer wants to create a site where authenticated users can upload/download files to/from a user-specific folder. I cannot find a simple way to accomplish this on a Linux-hosted site. The only solutions I can find are using FTP, requiring teaching users how to use an FTP client, or set up a CMS with a plugin, none of which I am sure will work. If you know of a simpler and more usable solution, please let me know.
If your main concern is security so only certain users can upload/download, there are things you can do.
AFAIK the best is to use SSL - https
And you can keep secure files outside of the root, only accessible from a script that authenticates and validates a user’s session.
Of course there’s no way to prevent redistribution of downloaded files, thats where expensive legal safeguards have their place.
Thanks for the reply, Mittineague. This wouldn’t work exactly the way the customer requested, but the more I think about it, the more I think it is a good compromise. The big issue would be security. There would be no way to prevent access to files or folders, if someone could find them. Most users are not technically inclined, though, so this is an acceptable risk.
I will approach my client with this solution. If, however, anyone has a boxed product that could achieve a solution that would include logins and security, I would love to hear about it.
Thank you, again, for the information. You’re getting me to think outside of the box, and I appreciate that. I can present these solutions to the customer and see what kind of compromise/cost he would like to make. Using SSL to secure the files is a good option. I suppose that I was hoping for a magic wand solution that does not exist.
I appreciate the help. SitePoint is the best, hands down!
I’m unclear as to where you are having problems.
File upload can be accomplished using a form with an input type “file”.
And files can be downloaded by providing a link to them.