identify an uploaded file with unique identifier

Question

i want to implement an idea but i don't know if it's possible, need your advices.

• so , i created an excel file with custom validations, i want the users to download that exact same file , fill in their data, and then upload this same file in the application again.

• so to make sure that it is the same file that was downloaded from my website. i want to secure it with a key ( or unique token maybe) and then checked it in the backend once uploaded.

is there any possible way to do this ?

ps : i'm using laravel 10

thank you.

i've searched a lot, but didn't find any helpfull answers. i really need your help

Answer 1

Yeah, it's possible. I don't think it's particularly useful though, since the user could download the file, grab the verification key, then upload whatever they wanted as long as the verification key was in the same spot. If you just want really rough validation, it should work.

The approach would be something like this:

1. User request a download
2. Generate a UUID for the request
3. Store the UUID + UserID so it can be validated when the user re-uploads their file.
4. Embed the UUID in the Excel file. You'll need a library like PhpSpreadsheet to do this. You can insert it into a cell, in which case the user can see it, or you can embed it as metadata (see setCustomProperty).
5. Send the file to the user as a download.

Then when they upload the file, do it in reverse.

1. User uploads file
2. Parse the file with PhpSpreadsheet to load the UUID.
3. Compare the UUID in the file with the UUID for this user in the database.
4. Error if it's a mismatch.

Or, if you don't care about weird filenames, you could store it in the filename instead, in which case it's even easier because you can validate it from the filename instead of having to parse data. But then it's even easier to manipulate, since the user could upload a JPEG with the filename UUID-HERE.csv.