[TYPO3-dam] handling data outside of teh document root

[Krystian Szymukowicz]

Thomas Hempel wrote:
> I don't think so, because it doesn't solve the problem, that the files 
> should not be accessible dirctly from the browser. But I think I didn't 
> mentioned that in the first post. ;-)
> 

The filename in DAM is not so important. There is a lot of fields and 
atributes that describe file in DAM.

May proposal is to make a little tweak to DAM so every uploaded file get 
random filename. This way even if the file is in the area accesible by 
browser there is no way to guess its filename and get it witout FE 
application.

Of course FE application can't pass the link to the file directly. File 
must be send by opening a proper stream. Look here 
"http://pl2.php.net/header" and search for "function dl_file($file)".

A filename for a stream could be get from a special field in DAM file 
properties: "File download name". A description of that field is: "A 
file name which should be used to download the file in a potential 
frontend application."

What do you think?

--
greetings
Krystian Szymukowicz