Where to store uploaded files and how to access it


i uploaded some files to /protected/data directory and im not sure if this is the right directory to store uploaded files in YII framework.

and furthermore, how to i access files in /protected/data??

All files under “protected” directory shouldn’t be accessible from outside. That’s why there is .htaccess file with “deny from all” contents. But you can use CAssetManager to publish extensions’ scripts and css files. In your case the best solution is to create a directory “uploaded_files” in the web root of your site and store all files there (if you want your site visitors to access these files of course).

hi, tks…

but im wondering if yii has this functionality of a public resource file/method which help access protected data. so for example, to call a abc.jpg photo in the protected dir, u do it resource.php?type=img&file=abc.jpg. and resource.php will be go source for the file and display it. this resource file can also use to load javascript and all.

If you have access to the webserver configuration, also check out X-Sendfile:


EDIT: Probably only useful, if you still want to restrict file access to some users.