On 19 Sep 2013, at 14:39, Aziz Saleh <azizsa...@gmail.com> wrote: > The best way to handle file uploads is to: > > 1) Store the filename somewhere in the DB, rename the file to a random string > without extension and store the mapping in the DB as well. > 2) When sending the file, set the header content to the filename and output > the content of the file via PHP (ex: by readfile). > > Aziz > > This way even if the file is PHP code, it will be of no issue to you.
What you describe it highly inefficient, clunky, and unnecessary. You've managed to get PHP and a database involved in serving a static file, for no reason other than to avoid fixing the web server configuration. A misconfigured web server should be fixed, not worked around. -Stuart -- Stuart Dallas 3ft9 Ltd http://3ft9.com/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
