I want to upload a file by ajax but I don't want the server direct link appears

Question

Everyone know when upload a file by ajax we must add the direct link to the php file which will upload the file, ex: url: site.com/upload.php.

What I want is that this link site.com/upload.php will not be the direct link to upload the file, but it will be just redirection to the up.php file which will be upload the file actually.

The aim is I want to disappear the link which responsible for upload the client file.

Is this idea can be implemented ?

You can try to start a ajax post on upload.php with the values from the first ajax and send to up.php — momouu, Dec 10 '15 at 15:49
@monace19: But the values that will transfer from upload.php to up.php not a normal data such as string or integer value but it is content of upload file and maybe it is not one file maybe more than one. — Lion King, Dec 10 '15 at 20:34

score 0 · Answer 1 · edited May 23 '17 at 10:27

IMHO If your target with that is security, You're targeting the wrong phase.

Instead of protecting the PHP File location, you can protect the file itself.

the UP.PHP can have some "filename" protection using mod rewrite (How to remove .php or .html extension from single page?)

The UP.PHP can have authentication and authorization through your site auth/autho system, and if you want it public, do it keeping FORM ID pair or something.

The address of the UP.PHP will look something like: site.com/upload/receiver and will point to your file, if you want to protect even this address, you should use anything else but JS Ajax, like flash, java, or anything else.

Just follow any how to do it step-by-step. https://www.google.com.br/webhp?sourceid=chrome-instant&ion=1&espv=2&ie=UTF-8#safe=off&q=flash+file+uploader+example

Use SSL encryption...

I want to upload a file by ajax but I don't want the server direct link appears

1 Answers1