Password protecting downloads

I'd say this isn't a new problem! How have others achieved the same
thing on their sites?

It may not be the easiest solution, but it is the most effective..
considering storing the files in a mysql database. Many people forget
you can easily store and retrieve binary data from the db. This way,
you can highly control when and if the data stream is sent to the user
from the db, and it's nearly impossible for anyone to get data out of it
without properly authenticating via your scripts.. using this method,
there is no direct http path to the file.
This certainly sounds the most secure option. Is this likely to give
the server much of a performance hit?
Secondly, you can store the files outside of the webroot.. sounds like
you're using shared hosting here, so instead of putting the files in
your public_http, put them somewhere else, then your download script
just sources that file, whereever it is (fopen) and sends it..

Secondly, you can store the files outside of the webroot.. sounds like
you're using shared hosting here, so instead of putting the files in
your public_http, put them somewhere else, then your download script
just sources that file, whereever it is (fopen) and sends it..

alex wrote:

Secondly, you can store the files outside of the webroot.. sounds like
you're using shared hosting here, so instead of putting the files in
your public_http, put them somewhere else, then your download script
just sources that file, whereever it is (fopen) and sends it..

I've just realised I can change permissions on this server, so if I
create a subdirectory in wwwroot called privatearea, put my file1.zip in
there and remove the public read permission, a web browser can't get
it's hands on it.

it's been awhile since i used any shared hosting (three or four years at
least), but if it's *nix based (you don't use a windows host.. do you?)
you should have some sort of a /home/user dir.. normally including your
public_http, maybe a public_ftp, normally also an etc, and a few others
depending on your host for all the settings and such pertaining to your
account.. your host could of course be different.

Now, I create a test.php in the same directory as file1.zip and using
$_SERVER['PATH_TRANSLATED'], I get the full file system path to where my
files are. So:

$file="/full/path/to/my/wwwroot/privatearea/file1.zip"
if ($file_handle=fopen($file,"r")) echo("PHP can read the file!");

And I see PHP can read the file okay, but web browsers don't get direct
access to it.

Presumably I can now use fopen to send the data back via PHP?

Thanks for the pointer in your first post, I seem to be on the right
track now I hope. Tomorrow I'll try and work out how to have PHP send
the file back.. 3.30 am now :-\

I'm in the middle of developing a website with a downloads section.
It's a wad of educational software for an LEA which for obvious reasons
needs password protecting. Users have to authenticate before being
allowed to search and getting a link to the download.

Don't want the users to get at the files without logging in first, so I
created a script (filedownload.php) that adds the filename to the URL
query string (e.g., filedownload.php?file=file1.zip)

filedownload.php then simply prepends the full name of where the files live:

here is a bit of a script i use to open an a file and send it to the
client.. you can use this to help.. (keep in mind, when we send
headers, they must be the first thing sent, you can't have any output go
to the client first) (also, using this method, i always use the ob
buffer.. so all the headers and file stream are sent at the same time..
works this way for me.. ymmv

#------------------------------------
ob_start();
header('Content-type: application/x-gzip');
header('Content-Disposition: attachment; filename="' . $file . '"');
header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
header("Cache-Control: post-check=0, pre-check=0", false);
header("Pragma: no-cache");
readfile($dir . $file);
ob_end_flush();
#------------------------------

be sure to modify the content-type for whatever you're sending

Fine (when set to point outside the web root) so long as you know that
your security model is "the key's under the mat". Ie. the you can't
revoke permission to a single user, and you've opened up the complete
archive to all users.

BTW here is your starter for 10.
How steps should you take to stop somebody trying to access the php
sources by trying out a few possibilities like
"filedownload.php?file=../www/filedownload.php"?

alex wrote:

Secondly, you can store the files outside of the webroot.. sounds like
you're using shared hosting here, so instead of putting the files in your
public_http, put them somewhere else, then your download script just
sources that file, whereever it is (fopen) and sends it..
I've just realised I can change permissions on this server, so if I create
a subdirectory in wwwroot called privatearea, put my file1.zip in there
and remove the public read permission, a web browser can't get it's hands
on it.

Now, I create a test.php in the same directory as file1.zip and using
$_SERVER['PATH_TRANSLATED'], I get the full file system path to where my
files are. So:

$file="/full/path/to/my/wwwroot/privatearea/file1.zip"
if ($file_handle=fopen($file,"r")) echo("PHP can read the file!");

And I see PHP can read the file okay, but web browsers don't get direct
access to it.

Presumably I can now use fopen to send the data back via PHP?

a better function might be readfile() because it reads the file and outputs
straight to the browser. all you need before it is header()s.

Thanks for the pointer in your first post, I seem to be on the right track
now I hope. Tomorrow I'll try and work out how to have PHP send the file
back.. 3.30 am now :-\