Good one! At @9:43 shouldn't you change the public to avatars in the disk method?
@LaravelDaily11 ай бұрын
Oh yeah, well spotted!
@3bood_kr9 ай бұрын
Thank you for this video. I want to store some user files in private disk but i want to let only user view their own files in browser because if i put them in public and any user gets the name they can view it. can you help this?
@alex_nita11 ай бұрын
Great tips as always! May I ask what app are you using to connect to the database? Thank you
@LaravelDaily11 ай бұрын
TablePlus
@alex_nita11 ай бұрын
@@LaravelDaily thank you
@luispointme11 ай бұрын
You rock!!! How can we crop avatar image to store small and centered images?
@meerbekakimzhanov621711 ай бұрын
That can be easily achieved with SPATIE Media library as mentioned in the video
@SahilKumar-bt2pf11 ай бұрын
Hello sir, How to upload a zip file which contains some xls files inside. So basically upload zip file then extract it somewhere and start inserting all rows of each xls files into database.
@LaravelDaily11 ай бұрын
You need ZipArchive in PHP. Googled old tutorial: code.tutsplus.com/file-compression-and-extraction-in-php--cms-31977t
@martin.j.osborne11 ай бұрын
Terrific tutorial --- thanks! Why are the methods getClientOriginalName and getClientOriginalExtension "considered unsafe"? The Laravel docs says it's because "the file name and extension may be tampered with by a malicious user". What kind of "tampering" is possible and what could the effect of such tampering be? Is it unsafe even to get that information and store it in the database as a field (without using it as the name of the file)?
@LaravelDaily11 ай бұрын
I guess it's worth another separate video some day
@DavidLun11 ай бұрын
file name and extension is considered unsafe because it is a form of user input and should not be trusted. What could be possible attack vectors? 1. file with the same name overwritten. 2. extension jpg doesn't mean it is image, it can easily be php file. (by default laravel prevents execution by accessing such files directly) 3. mime type can also be spoofed by first bytes of the file if you do check only mime/type. 4. fill up your disk space This is what you can do to avoid that: 1. does your user really needs to know the actual file name? most often the $file->hashName() is enough. optionally save filename as db entry, make sure it is not parsed as a code. 2. validate extension, mime/type and contents of the file. for images process them after upload by removing EXIF and other metadata. 3. validate the file size. 4. use CDN for file storage, so you remove the possibility to executing them on your server.
@IkramKhizar3110 ай бұрын
"??=" What does that syntax mean? It's not Null coalescing
@LaravelDaily10 ай бұрын
Googled for you: stackoverflow.com/questions/59102708/what-is-null-coalescing-assignment-operator-in-php-7-4
@IkramKhizar3110 ай бұрын
Thanks @@LaravelDaily
@Zubbee6 ай бұрын
Thanks a lot for this video. However I have a peculiar issue. I uploaded a file but when I try to download it, I get this error Unable to retrieve the file_size for file at location: 2f8e7eb388f214ec84c7ab92a2154670df0abd730a030f864b.pdf. when I check if it exists I get true but when I try to download I get this error
@FririkurEllefsen11 ай бұрын
I don't use file as an extra field in the db table, instead have a separate controller and model for cv, and avatar, that is an Avatar controller and a CV controller. I then use the post controller to handle both file inputs. I take the post ID after the post has been updated and save it if ($file = $request->file('CVfile')) { if (CVFilecontroller::where('post_id', '=', $request->post_id)) { $jobfiler = JobOpslagFile::all()->where("post_id",$id); foreach($jobfiles as $CVfile){ $filename = $CVfile->name; $CVfile->delete(); $CVfile_path = public_path('ansfil/'.$filename); if(file_exists($CVfile_path)){ unlink($CVfile_path); } } } $fileName = "CVfile".auth()->id() . '_' . time() . '.'. $request->CVfile->extension(); $type = $request->CVfile->getClientMimeType(); $size = $request->CVfile->getSize(); $request->CVfile->move(public_path('CVfile'), $fileName); CVFilecontroller::create([ 'user_id' => auth()->id(), 'post_id' => $id, 'name' => $fileName, 'type' => $type, 'size' => $size ]); }
@alonsoramirezpaez32598 ай бұрын
Is it possible get a url for a private (just authenticated) file? For example, for load image in some
@LaravelDaily8 ай бұрын
Yes, then your "src" should be a URL to Laravel route which should return image after the middleware.
@evanceodhiambo989411 ай бұрын
Thank you.I just got a deep understanding of the disks.But I have a different method of having a class ie ImageProcessor which I use for all my image processing.
@yannik827121 күн бұрын
Thank you so much!
@howasyourday33513 ай бұрын
hello friend, I have a website. users can send images from the dashboard of the laravel application(Breeze), then the admin (Filament) can edit them. but the image only appears in the table, when I edit the image it does not appear. does anyone have a solution here? thanks, god bless🙏
@LaravelDaily3 ай бұрын
Look at what image URL you have on the edit page in the Browser Console. Double-check your .env file for correct APP_URL. These are two suggestions which, in my experience, usually solve the problem.
@howasyourday33513 ай бұрын
@@LaravelDaily thank you for the advice, God bless you🙏
@basharumar29129 ай бұрын
can i use policies to prevent unauthorized download instead of middleware
@LaravelDaily9 ай бұрын
Yes
@nicolaslucianoismaeljara56046 ай бұрын
I'm so grateful with you!!!
@pebarradas10 ай бұрын
I've been waiting for this amazing video! Thank you Povilas! More one great content, very clear explanation!
@ABEDALLAHGOZAH11 ай бұрын
I think your explanation way suite just the master developer
@l.b7610 ай бұрын
If Spatie Media Library can move files from storage to public folder, does that mean that you don't need the sym link?
@LaravelDaily10 ай бұрын
It moves to storage/app/public. But you can configure it to move to /public. Then yes, you don't need a symlink in that case.
@l.b7610 ай бұрын
@@LaravelDaily thank you!!
@JohnRoux11 ай бұрын
Just btw, the s3 filesystem does also support `root`, so you can do the same "make a new disk per thing to store" and use a single s3 bucket for public and a single buckeet for private
@hassanfazeel235411 ай бұрын
Excellent explanation.Spartie media library solves many problems as you mentioned.
@waheed198711 ай бұрын
Hi, Awesoem tutorial as always. I have a question, in the case of private file, you told the method to allow "Download" the file, what if we want to show the image (to only authorized users)?
@LaravelDaily11 ай бұрын
Img src=Laravel-route-that-returns-image
@aliaxonbaig22513 ай бұрын
Very well explained, at 12:09, you missed to explain how to download private files when using Spatie Media library, It works for public but 404 for private files while downloading.
@vivekghongate368011 ай бұрын
Thank you for explain is easy way
@buhbailey72010 ай бұрын
Not convinced why these files shouldn’t be saved in longblob field in the database. Why clutter the file system of the app along with the possible issues that creates. Database seems to be the perfect spot for saving these files but have not found a single tutorial for doing so. Been doing it that way in several projects withstanding years of use with hundreds of thousands of pdf files without issue. I’d like to see someone create a tutorial using livewire or filament to see how others would approach that solution.
@suzysusy19738 ай бұрын
13:57 why did not we use asset('storage/'.Auth::user()->avatar) ?
@raj-kal11 ай бұрын
awesome information as always. thanks 👍
@DedexYoutube11 ай бұрын
Why you save in the variable $avatar the action Storage::disk.... Why you dont simple do Storage::disk... without saving in $avatar that is something that I saw also in real life projects but I never understand why
@LaravelDaily11 ай бұрын
Because I need $avatar later to be stored in the DB as filename.
@NikaSimonishvili-o9k11 ай бұрын
What ??= operator does?
@LaravelDaily11 ай бұрын
This video will answer: kzbin.info/www/bejne/m5DOl2ipbsZ6Y80si=chPfXGl7zwL3j8as
@fuskydon11 ай бұрын
Please @LaravelDaily, can you help us create a video on Localisation. Am trying to build a Laravel Application of English and Arabic, many Laravel developers are having this issue also and also the use of rtl & ltr when chnaging from Arabic to English, can you help with this Sir? For todays tutroial, i really do learn a lot, Thanks 👍
@LaravelDaily11 ай бұрын
Our team doesn't work with RTL so I can't really help, sorry
@fuskydon11 ай бұрын
Thanks Sir@@LaravelDaily
@techfuture-code-tv8 ай бұрын
Thank you sir great mentor, You really kill it for storage tutorial.
@obeddougan150511 ай бұрын
What about Google drive??
@LaravelDaily11 ай бұрын
Setting up Google Drive is pretty complex, actually, you need to register it as a driver in the filesystem. Googled this tutorial: www.luckymedia.dev/blog/google-drive-integration-with-laravel
@obeddougan150511 ай бұрын
Thank you very much
@codesmiles_11 ай бұрын
I don't really know how laravel handles caches
@LaravelDaily11 ай бұрын
Start from the docs? laravel.com/docs/10.x/cache
@hentype11 ай бұрын
I personally use redis in production.
@codesmiles_11 ай бұрын
That's nice I gotta learn how to set up my project to production. Pls any recommendations?
@amirkouchaki748111 ай бұрын
When trying to create a user page in which the posts can only be seen by the followers of the page and the owner themself, where should I store the posts images? If I store it in the public disk anyone that has gotten the image link once can access it forever. Is this a problem? For example what would a platform like instagram do for private pages and the images in those pages?
@LaravelDaily11 ай бұрын
Good question. I guess they store them as private and then do img src=Laravel-route-that-returns-image
@shaikhfoysal442611 ай бұрын
Thanks so helpful video. Thanks
@QuotesGT11 ай бұрын
Thank you! Please tell me how you can set up folders for the Spatie media library so that if there are a large number of files, they can be sorted into subfolders? and is it possible not to do a subscription for one file?
@LaravelDaily11 ай бұрын
I haven't done those two things with Spatie, I like its default folder structure and don't see the need to change it.
@98kcv10 ай бұрын
At 9:40, when you added a new disk to store avatars and changed the putFileAs() parameter to '/', shouldn't you have changed also Storage::disk('public') into Storage::disk('avatars') to make it work?
@LaravelDaily10 ай бұрын
Yes you're probably right, well spotted!
@98kcv10 ай бұрын
Thank you very much for the answer! I just noticed that someone else made the same question some weeks ago.
@ramzibenssaci200711 ай бұрын
best laravel content in youtube 😎😎😎🎉🎉
@MimisK8811 ай бұрын
So we can use spatie/media-library for any file type? 🤔
@LaravelDaily11 ай бұрын
Yes
@roman_zabigaliuk11 ай бұрын
Thank you very much for your helpful videos, master. This is one of the treasures.
@alladdinshaker85899 ай бұрын
Thank you very much
@k0wu70511 ай бұрын
i have last_login_at column in table users. how update this column when user logs in? event listener doesnt work...
@LaravelDaily11 ай бұрын
Not sure why event listener doesn't work. It should work, can't debug that for you.
@alcymn9 ай бұрын
In your auth controller? Update it after the successful login attempt
@AzDavai11 ай бұрын
This is ressourceful
@GergelyCsermely11 ай бұрын
Thanks
@dylandile157311 ай бұрын
Ho about file size configurations? For both the Laravel Application and the web server you are using.
@hentype11 ай бұрын
Read about validations.
@LaravelDaily11 ай бұрын
Here's our tutorial about it: laraveldaily.com/post/validate-max-file-size-in-laravel-php-and-web-server
@dylandile157311 ай бұрын
@@LaravelDaily Thank you let me check it out
@davidlabadze341611 ай бұрын
❤
@sandeepbhambre11 ай бұрын
What about file visibility?
@LaravelDaily11 ай бұрын
Here's the link to the docs: laravel.com/docs/10.x/filesystem#file-visibility
@shayanCodingMaster11 ай бұрын
Sir which cache driver should I use in Laravel? Please tell me sir.
@Xewl11 ай бұрын
During dev, just use the default (file) (tests mostly use array, which is in-memory cache-ing) During production you have some options - database (poor man's cache) - memcached (good, but probably slower than redis) - redis (needs redis server to run, but good.) - dynamodb (when running on AWS) - octane (speaks for itself, when using octane)
@bulent243511 ай бұрын
Thanks for the video. Those who don't have SSH access can create a route to generate symlink. Route::get( 'symlink', fn () => Artisan::call( 'storage:link' ) ); will generate the link.
@amirkouchaki748111 ай бұрын
In some shared hosting services "ln" command is locked so this also wont work
@bulent243511 ай бұрын
@@amirkouchaki7481 too bad but what is ln command?
@amirkouchaki748111 ай бұрын
@@bulent2435 its a link command that can soft or hard link files and folders similiar to what artisan storage:link does. When they disable the command doing it via web route will give an error that ln is disabled if i remember right
@silas47524 ай бұрын
"ln" is a linux command to create symlinks, I am not sure laravel is using this - I guess it's using PHPs symlink() function which is safe when using different operating systems don't forget to delete the route after creating the symlink :D