On 24/09/10 01:36, Neil Kandalgaonkar wrote:
Good point, but in this case I'm just storing the
path to a temporary file.
The file isn't even sensitive data; it's just a user-uploaded media file
for which the user has not yet selected a license, although we
anticipate they will in a few minutes.
Hello Neil,
The file path might be sensitive, you do not want to potentially expose
your path hierarchy. At least, I would not do it :)
About your issue, assuming the media file has been entered in the
image/media database table :
- When the user is redirected to a new page upon upload, you might just
pass the file ID by parameter / session.
- When the user is allowed to upload several files and then is prompted
for licences, you might just look at the database for files owned by
user for which licence is null.
--
Ashar Voultoiz