Home/ Questions/Q 6119791
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-23T15:35:38+00:00

I’m writing a php file upload script for a project – I have seen

  • 0

I’m writing a php file upload script for a project – I have seen all the great opensource ones out there, but I’ve decided to do my own as I have a level of user access rights that I can’t seem to find anywhere.

So this is what I’m trying to do:

  1. Normal file uploads area, exactly like elFinder
  2. Some way to restrict certain users to view the folders and/or files, depending on what group they belong to. I need to do this as this is for an organisation I work in where certain users can only see the docs they are supposed to

Originally I decided to make a mysql solution where each and every folder has an ID, and when you create a folder you specify the groups that are allowed to view that folder – but this doesn’t seem like the most elegant solution.

Can anyone suggest a theoretical way to do this? I’m happy to code it all in PHP, but I just can’t get my head around the best way to do this.

Is there some way (short of naming folders in specific ways), that folders and files have properties I can exploit here?

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    Since you have exacting permission requirements, you can implement a structure similar to UNIX’s granular approach to file permissions. Each file or folder should have an owner, a group, and a permissions string which looks like ‘755’.

    The first position of the permission string pertains to the owner of the file or directory. The number 4 stand for read privileges, 2 stands for write privileges, and 1 stands for execute privileges. The permission is cumulative, so a permission of 7 in the first column (4+2+1) means the owner has read, write, and execute permission.

    The second column pertains to the group. In this case, group members can read (4) and execute (1) (4+1=5).

    The third column pertains to everyone who is not the owner or member of the group. This position is known as ‘world’ or ‘other.’ In this example, ‘other’ users also have read (4) and execute (1) permissions.

    After creating owner, group, and permission columns for each file/directory, you will need to create a ‘groups’ table, and a table to map users to groups (‘user_groups’). Then assign each user to one or more groups, and assign owner, group, and ‘other’ permissions to each folder (and file if needed).

    For more information on Unix file systems, see this tutorial.

    • 0