I am trying to create a folder structure like so:
one level ABOVE the public web directory. The only unique key (besides the user_id itself) is the user email, since their email is their username, so...
Question: Would people be able to access these directories and get hold of all users' email addresses? How bad of an idea is this? What possible alternatives do you suggest?
Thanks.
Definitely make sure you use hashes instead of plain-text E-Mail addresses. That is a must.
Other than that, I guess this is as safe (and unsafe) as a solution can be that is based on security through obscurity (i.e. your security relies solely on the fact that nobody knows the URLs - but if they do, they can access them without limitation.) There are many potential holes - a user could bookmark a URL; it could be embedded somewhere on a page; it can be stored in server, browser, and proxy logs...
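One way to apply the advice in the answer above, as an added example that is not part of the original post: it names directories with a keyed hash (HMAC-SHA256) rather than a bare hash, because a bare hash of an e-mail address can be confirmed by anyone who guesses the address, and it ties access to the logged-in session instead of to knowledge of the directory name. The storage root, the key and all function names are assumptions.

```python
import hashlib
import hmac
from pathlib import Path

# Assumptions for this example (none of these come from the original post).
STORAGE_ROOT = Path("/srv/app/user_files")  # hypothetical path outside the web root
DIR_KEY = b"constructed-demo-key"           # constructed; load a real key from a secret store


def user_dir_name(email: str, key: bytes = DIR_KEY) -> str:
    """Keyed hash of the normalised address; the e-mail never appears on disk."""
    # Assumption: logins are case-insensitive, so the address is lower-cased.
    normalised = email.strip().lower().encode("utf-8")
    return hmac.new(key, normalised, hashlib.sha256).hexdigest()


def resolve_download(session_email: str, requested_dir: str, filename: str,
                     root: Path = STORAGE_ROOT) -> Path:
    """Return the file path only if the logged-in user owns requested_dir.

    Knowing a directory name (from a bookmark, a log, a referrer) is not
    enough: the name is recomputed from the authenticated session and
    compared in constant time.
    """
    expected = user_dir_name(session_email)
    if not hmac.compare_digest(expected.encode(), requested_dir.encode("utf-8")):
        raise PermissionError("directory does not belong to this session")
    # Reject anything that is not a single plain file name ('../x', 'a/b', '').
    if filename in ("", ".", "..") or Path(filename).name != filename:
        raise ValueError("invalid file name")
    return root / expected / filename
```

Files are then served by a script that calls `resolve_download` with the session's e-mail, so a leaked URL or directory name gives no access on its own.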