-
Posts
1141 -
Joined
-
Last visited
-
Days Won
157
Content Type
Profiles
Forums
Events
Posts posted by mhmda
-
-
hhhhhhh, you are doing just fine 🙂
-
I just answered you question "I see that the root of my server is empty, is this a security issue?" with 'No'....
-
Just now, irigsoft said:
Thanks,
I see that the root of my server is empty, is this a security issue?
No, means that the exposed folder is the value of the "FilesFolder".
-
We use a record for the current user which also includes the sessions id then it will be easy to know if the currend user has the right to view/download the video or any other file.
-
1 minute ago, irigsoft said:
The problem is that User2 receives a file from User1
In my example:
1. I have 3 users and they pay to receive Video1, Video2, Video3 files
2. If I send url1 to user1 to video1, so user2 and user3 will not pay for this file, the url is the same
How to protect Video1 to download user2 and user3 without paying
Then you have know the session id for the right user if a user with no rights to access this video then block the request.
-
Just now, irigsoft said:
If I change Server root: root to mynewroot, what problems can wait ?
Then just copy your files (images, css, js...) to the new path: mynewroot\files\.....
After changing and when you use for example a url for image: 'files/images/copy.png' the server will search for the image inside the new path: mynewroot\files\images\copy.png
You don't need to change anything in your code just copy needed files (folders) to the new root: mynewroot folder 🙂
- 1
-
Maybe a video tutorial showing how you can digitally sign your pdf (with your logo) is needed 🙂
-
Just now, irigsoft said:
I use my own directories for system files, and they are in root directory (where MyApplication.exe is),
Is that error ?
If system files exists in a folder under 'root' then this is not good 🙂 you have to move them out of this directory.
-
Beside that didn't you think about digitally sign your pdf files as we did and this way no one can edit your pdf files.
-
Short answer is: yes, but the helper function "ServerModule.NewCacheFileUrl" creates a random file name that will be no chance that other user could know.
-
-
Hi,
We don't expose important files and .fr3 (fastreport) to the web, we keep them in folder that doesn't exist in the 'root' of ServerModule and for generating report we create a temp. file for current user using the helper function of the Unigui:
ExportFileName := ServerModule.NewCacheFileUrl(False, ExportType, '', '', AUrl, True);
This will create a random file with a specific extension then we forward this to FastReport:
frxPDFExport.FileName := ExportFileName;//<--- url for the temp file
And for displaying the report to the end user you just use the AUrl.
Also all attached files that been uploaded by the user are saved the same way in a folder that isn't exposed to the web and when needed we use the same technique above (yes another copy of the same file, and we keep the source file safe).
-
10 minutes ago, Farshad Mohajeri said:
Hi,
It is recommend to use a Windows Service application for parts of your code which should be executed regularly.
This is what we exactly do. 🙂
-
-
You welcome 🙂
-
-
The first version of Nasa system was released on 2001 and developed using C++ builder and it was VCL.
- 1
-
almost 2.5 years 🙂
- 1
-
-
-
Video and project added.
- 2
-
In this video you will learn how to implement listswiper plugin for mobile in Unigui and make your web app friendly and easy to use and also how to build a beautiful UI.
* Project attached (exe included)
* mySQL DB attached
- 6
- 2
-
Well done !! Great
-
ajaxRequest(MainForm.window,'myfunction',[]);//js code to call a function inside MainForm->AjaxEvents
How to stop User 1 viewing User 2's files ?
in General
Posted
Sure