How to ensure the security and reliability of uploading and downloading web applications and do a good job of authority control

  question

For example, php is the back-end of common web applications. How to design a file upload and download class?
1. Security: Malicious users may upload attack scripts
2. Reliability: As the back-end of PHP development, the common download is http. How to improve the download reliability
3. Rights Control: Design for Download Rights of Different Users

In terms of security, it is necessary to ensure that the uploaded directory cannot execute scripts. my approach is to judge whether the user has the right to download, and if so, to generate a decrypted encrypted link, which should include the downloaded file information and expiration time, and then jump to the downloaded file, so as to basically prevent chain theft and authority problems.