As far as storing the files, use a seperate subdirectory called
"rawData" or something, and place all your files in there, aim for 10
- 5000 files per directory, and keep it logical.
But since you want to stop guessers from accessing it, use a
randomID() function that you create to generate a random subdirectory
under "rawData".
You could also use just the YYYY-MM-DD HH-MM-SS of the
submit/upload-date for the file or the last-modification date of the

Then create something that maps IDs (dataNr, itemNr, fileID) to the
relative path under "rawData".

Then let view.php readfile() and output the requested file, instead of
sending any link to your "rawData"-subdirectory-location to the

It should be airtight then.

PHP General Mailing List (
To unsubscribe, visit:

Reply via email to