I have a user registration page where the user signs up for an event and then submits a paper. A reviewer will then read the paper, and approve/decline it. I finished all the registration, validation, login, and user authentication stuff. Now I need to design a way for the user to upload his/her paper on the website and then view the status of it. I'm kind of lost for ideas about how to structure this whole thing.
I need to know 2 things
1) Where should I store the papers (docs files)? Should I put it all in a folder within the website directory, use google docs, jquery plugin? What's the normative procedure here?
2) How should I structure the reviewer? Should he/she have a master account on the site, that can view all submitted docs and then approve or deny them? If so how do I setup a master account, make all the docs viewable, and mark the status?
I have a rough idea for the status. I can have a Paper Status column in the database and have two checkboxes on the website; when the reviewer finishes reading the paper, they can just select one of the checkboxes and that information will get put into the database. Then I can retrieve that information and present it to the user.
Storing them on your server should be no problem. If they need to be secure you should keep them above your public folder. For instance if your path is /user/public_html you should make a folder for these papers somewhere like /user/papers.
Then when loading one of them in you should use the header() function to serve up the proper force-download headers, then readfile() to actually send the file contents to the browser so a reviewer can download the file. This also gives you a chance to authenticate the user before they actually get access to the file -- this is important so that a link cannot just randomly be 'discovered', giving access to all of your papers away.