In my job website, there are two types of users- jobseeker and employer. I give options for jobseeker to upload their profile photo and resume (.doc/.pdf).
- What is the best way to name uploaded photo and upload resume files? How to store them securely?
- How to ban other users and visitors accessing other jobseekers' profile photos by accessing file location / url access? For example: http://ift.tt/2qIhozu or http://ift.tt/2rrCHmh
- How to allow only premium employers to download the jobseekers' uploaded resume (.doc/.pdf)?
Note: I created two middleware: "jobseeker" and "employer" middleware.
Please kindly provide advice or code to achieve these two points with security? Thank you.
via Chebli Mohamed
Aucun commentaire:
Enregistrer un commentaire