What to do with saving user uploaded files in the Zend Framework application?

I am creating a web application that will include the usual download and extraction of files (PDF files, Word documents, etc.).

Here are the requirements:

• should be able to reference them in my script view so that the user can upload files.
• Files should not be accessible to users who are not logged in.

Question No. 1: Where should I store these files?

• In the file system?

  • Does this mean the directory uploadsin my directory public?
  • I also want it easy for me to deploy a new version of my application when changes have been made to the code. I currently have a process where I upload my application to a directory with the current date (i.e. 2009-12-01) and create a sim link to it called current. This would mean that the directory uploadsmust be outside this directory so that it can be shared between all the different versions of the application, regardless of which one is in use at that time.

• In the database?

  • I could store the contents of the file in the database and serve them when the user requests to download them. This would protect the files in my application from unauthorized users, but I could achieve the same result as soon as I create a controller to do this work.
  • This solves the communication problem with sym.
  • ( ).

, ?

:

:

, :

/server/myapp/releases/2009-12-15
/server/myapp/current -> /server/myapp/releases/2009-12-15

:

/server/uploads
/server/myapp/current/application/data/uploads -> /server/uploads

APPLICATION_UPLOADS_DIR /public/index.php:

// Define path to uploads directory
defined('APPLICATION_UPLOADS_DIR')
    || define('APPLICATION_UPLOADS_DIR', realpath(dirname(__FILE__) . '/../data/uploads'));

, :

<?php

class Default_Form_UploadFile extends Zend_Form
{
    public function init()
    {
        //excerpt

        $file = new Zend_Form_Element_File('file');
        $file->setLabel('File to upload:')
            ->setRequired(true)
            ->setDestination(APPLICATION_UPLOADS_DIR);
    }
}

, . , mime , :

public function uploadAction()
{
    //...excerpt...form has already been validated

    $originalFilename = pathinfo($form->file->getFileName());
    $newFilename = 'file-' . uniqid() . '.' . $originalFilename['extension'];
    $form->file->addFilter('Rename', $newFilename);

    try {
        $form->file->receive();
        //upload complete!

        $file = new Default_Model_File();
        $file->setDisplayFilename($originalFilename['basename'])
            ->setActualFilename($newFilename)
            ->setMimeType($form->file->getMimeType())
            ->setDescription($form->description->getValue());
        $file->save();

        return $this->_helper->FlashMessenger(array('success'=>'The file has been uploaded.'));

    } catch (Exception $exception) {
        //error
    }
}

, , Noginn SendFile Action Helper.

public function downloadAction()
{
    //user already has permission to download the file
    $this->_helper->layout()->disableLayout(); //won't work if you don't do this
    $file = $this->_getFileFromRequest();
    $location = APPLICATION_UPLOADS_DIR . '/' . $file->getActualFilename();
    $mimeType = $file->getMimeType();
    $filename = $file->getDisplayFilename();
    $this->_helper->sendFile($location, $mimeType, array(
        'disposition' => 'attachment',
        'filename' => $filename
    ));
}

script, id :

<a href="<?php echo $this->url(array(
    'controller'=>'files',
    'action'=>'download',
    'file'=>$file->id)); ?>"><?php echo $file->displayFilename; ?></a>

! , /.