Please start any new threads on our new
site at https://forums.sqlteam.com. We've got lots of great SQL Server
experts to answer whatever question you can come up with.
| Author |
Topic |
|
yipchunyu
Yak Posting Veteran
80 Posts |
 Posted - 2003-06-18 : 12:56:57
|
| i got a n-tier system which build with IIS5.0, COM server and a SQL2000. just a typical one, The current situation:web server - dmz com server - app. zonesql 2000 - database zoneI am planning to let the user dl some files from this app.As secruity is great concern to me, i don't know what is the best practice to do it.I can insert the file to the database as a binary file (but the file is quite large in both size and quantity) another method is just put the file on the app zone / dmz (?) and create a com object to force the user to dl the file.however, both of these method is not a good one. Any better alternative?Thx in advance. |
|
|
robvolk
Most Valuable Yak
15732 Posts |
Posted - 2003-06-18 : 13:06:05
|
| I'd suggest leaving files as files, do not insert them into the database. You really don't get much benefit and it adds a layer of complexity when retrieving or saving files. You also have more security options if you store the files normally on disk. |
 |
|
|
yipchunyu
Yak Posting Veteran
80 Posts |
Posted - 2003-06-19 : 02:20:59
|
| sorry to post this question on other section too as i don't know how to classify this.anyway,back to the question.If u suggest to leaving files as files. Where should i put the files? On the app server? but can the com object to copy a file and send back to web site and force the user to dl it?Any reference material can u suggest?Thx |
|
|
|
robvolk
Most Valuable Yak
15732 Posts |
Posted - 2003-06-19 : 07:22:56
|
| I don't understand the need to "force the user to download" the file. That part of the process is unclear. It really doesn't matter where you store the actual files, my only point was to NOT store them in a SQL Server database because it would complicate the process. I would guess if you're going to have people download the files then keeping them on the web server is probably the best bet...again, don't make the process more complicated. |
|
|
|
|
|
|
n-tier file download design