Re: Storing user photos under web-app directory

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
4 messages Options
Reply | Threaded
Open this post in threaded view
|

Re: Storing user photos under web-app directory

bdrhoa

You probably want to store the user data outside of the app so that you can do easy app updates without having to backup and restore your data.  For an example of this see maflt.org/products/Ibidem.

The other option is to store the files in the database. I think the file server plugin does that. Or see the attachment able plugin.

On Dec 23, 2013 10:09 AM, "manhooei" <[hidden email]> wrote:
I'm building a grails app, users upload images, currently I'm placing them
under my project web-app directory, I was wondering if that is the right
place to place user images in.

Also I wanted to know, how can I structure the directories so that they are
well structured but don't expose some information to hackers based on the
url. For example some people use the user_id as the dir for each user, so
the link to the image for a user with id of 25112 would be :
http://xyz.com/images/25112/abc.jpg
so as a result, the hacker can user a counter to increment the dir id and
browse all other images. Any elegant solution for that ?

So to recap, my questions are:
1-Where is the best in a grails app to save the user photos ?
2-How to structure it in terms of directories ?

Thanks



--
View this message in context: http://grails.1312388.n4.nabble.com/Storing-user-photos-under-web-app-directory-tp4652772.html
Sent from the Grails - user mailing list archive at Nabble.com.

---------------------------------------------------------------------
To unsubscribe from this list, please visit:

    http://xircles.codehaus.org/manage_email


Reply | Threaded
Open this post in threaded view
|

Re: Storing user photos under web-app directory

SAgrawal14
Answer to the first question is that, create a directory under web-app say suppose user-data. Place all user related file (non site related files example: site logo, images) to this directory. When you deploy the app on apache tomcat production, it will automatically create the directory outside the main directory, so you never have to backup those data.

Answer to the second question can be extracted from answer to the first question. Although you can use grails file uploader plugin to store user data. Its a best plugin to use. (Hint: use any forks)

Shashank


On Tue, Dec 24, 2013 at 3:46 AM, Brad Rhoads <[hidden email]> wrote:

You probably want to store the user data outside of the app so that you can do easy app updates without having to backup and restore your data.  For an example of this see maflt.org/products/Ibidem.

The other option is to store the files in the database. I think the file server plugin does that. Or see the attachment able plugin.

On Dec 23, 2013 10:09 AM, "manhooei" <[hidden email]> wrote:
I'm building a grails app, users upload images, currently I'm placing them
under my project web-app directory, I was wondering if that is the right
place to place user images in.

Also I wanted to know, how can I structure the directories so that they are
well structured but don't expose some information to hackers based on the
url. For example some people use the user_id as the dir for each user, so
the link to the image for a user with id of 25112 would be :
http://xyz.com/images/25112/abc.jpg
so as a result, the hacker can user a counter to increment the dir id and
browse all other images. Any elegant solution for that ?

So to recap, my questions are:
1-Where is the best in a grails app to save the user photos ?
2-How to structure it in terms of directories ?

Thanks



--
View this message in context: http://grails.1312388.n4.nabble.com/Storing-user-photos-under-web-app-directory-tp4652772.html
Sent from the Grails - user mailing list archive at Nabble.com.

---------------------------------------------------------------------
To unsubscribe from this list, please visit:

    http://xircles.codehaus.org/manage_email



Thank You,

SA
Reply | Threaded
Open this post in threaded view
|

Re: Storing user photos under web-app directory

micke_
In reply to this post by bdrhoa
I would definitely store the data outside of the deployed webapp folder structure, and leverage existing services which serve static data if possible!

I implemented a similar kind of thing a while ago and my first implementation stored a blob in the DB, but my DB grew quickly and I had to use grails/tomcat for serving static data which I think is best done by something else.

My next iteration of my "document" upload/download functionality uses Amazon S3 which works really well. I simply store the documents in a bucket with a filename that I store in the database.
Then I simply generate a URL pointing to the Amazon S3 location an perform a redirect to that in the download controller.
See this old thread http://grails.1312388.n4.nabble.com/Serving-static-files-td2553680.html where this was discussed before

Cheers,
 micke



On 23 December 2013 22:16, Brad Rhoads <[hidden email]> wrote:

You probably want to store the user data outside of the app so that you can do easy app updates without having to backup and restore your data.  For an example of this see maflt.org/products/Ibidem.

The other option is to store the files in the database. I think the file server plugin does that. Or see the attachment able plugin.

On Dec 23, 2013 10:09 AM, "manhooei" <[hidden email]> wrote:
I'm building a grails app, users upload images, currently I'm placing them
under my project web-app directory, I was wondering if that is the right
place to place user images in.

Also I wanted to know, how can I structure the directories so that they are
well structured but don't expose some information to hackers based on the
url. For example some people use the user_id as the dir for each user, so
the link to the image for a user with id of 25112 would be :
http://xyz.com/images/25112/abc.jpg
so as a result, the hacker can user a counter to increment the dir id and
browse all other images. Any elegant solution for that ?

So to recap, my questions are:
1-Where is the best in a grails app to save the user photos ?
2-How to structure it in terms of directories ?

Thanks



--
View this message in context: http://grails.1312388.n4.nabble.com/Storing-user-photos-under-web-app-directory-tp4652772.html
Sent from the Grails - user mailing list archive at Nabble.com.

---------------------------------------------------------------------
To unsubscribe from this list, please visit:

    http://xircles.codehaus.org/manage_email



Reply | Threaded
Open this post in threaded view
|

Re: Storing user photos under web-app directory

Igor Sinev
In reply to this post by bdrhoa
You might also consider providing this functionality through an external service.

or

Cheers,
 Igor Sinev


On Mon, Dec 23, 2013 at 9:08 PM, manhooei <[hidden email]> wrote:
I'm building a grails app, users upload images, currently I'm placing them
under my project web-app directory, I was wondering if that is the right
place to place user images in.

Also I wanted to know, how can I structure the directories so that they are
well structured but don't expose some information to hackers based on the
url. For example some people use the user_id as the dir for each user, so
the link to the image for a user with id of 25112 would be :
http://xyz.com/images/25112/abc.jpg
so as a result, the hacker can user a counter to increment the dir id and
browse all other images. Any elegant solution for that ?

So to recap, my questions are:
1-Where is the best in a grails app to save the user photos ?
2-How to structure it in terms of directories ?

Thanks



--
View this message in context: http://grails.1312388.n4.nabble.com/Storing-user-photos-under-web-app-directory-tp4652772.html
Sent from the Grails - user mailing list archive at Nabble.com.

---------------------------------------------------------------------
To unsubscribe from this list, please visit:

    http://xircles.codehaus.org/manage_email