468,257 Members | 1,425 Online
Bytes | Developer Community
New Post

Home Posts Topics Members FAQ

Post your question to a community of 468,257 developers. It's quick & easy.

Protected File Downloads

Hi.

I'm looking for a way to allow users to download files, but what files
they see and can download need to be restricted to their username..

I will have a couple of users who will have full access, the others
need to see only the files I have allocated to them.

Can this be done ?

Any scripts available to do this ?

Thanks

May 30 '06 #1
2 1299
je***********@yahoo.com wrote:
Hi.

Hi,
I'm looking for a way to allow users to download files, but what files
they see and can download need to be restricted to their username..
If their username is a unix username (real user) than .htaccess could be of
use.
If the users are unrelated (eg Database-stored) to systemusers, you'll have
to use PHP to deliver the file.


I will have a couple of users who will have full access, the others
need to see only the files I have allocated to them.

Can this be done ?

Yes.

Just place the files in a directory where nobody can access them directly
via a http-request.
Let PHP, once you agreed that the user should be ok, read the file and give
it to the user.
So the PHP-user (on *nix often: apache, or nobody, or www-data) should of
course have read-right on all the files for this to work.
Any scripts available to do this ?
No idea. Quite basic stuff.
You can roll your own.
Have a look at www.php.net, and look for fopen() and the other
filefunctions.


Thanks


Good luck.

Regards,
Erwin Moller
May 30 '06 #2
Erwin Moller wrote:
je***********@yahoo.com wrote:

Hi.
Hi,

I'm looking for a way to allow users to download files, but what files
they see and can download need to be restricted to their username..

If their username is a unix username (real user) than .htaccess could be of
use.
If the users are unrelated (eg Database-stored) to systemusers, you'll have
to use PHP to deliver the file.


You don't have to be a unix username to be available in .htaccess. mod_auth
will handle non-unix names also. For a few files and a few users, this would be
pretty easy. But as the number of files and users increases, it can become more
difficult to administer.

How to set this up would be better asked in alt.apache.configuration.

I will have a couple of users who will have full access, the others
need to see only the files I have allocated to them.

Can this be done ?
Yes.

Just place the files in a directory where nobody can access them directly
via a http-request.
Let PHP, once you agreed that the user should be ok, read the file and give
it to the user.
So the PHP-user (on *nix often: apache, or nobody, or www-data) should of
course have read-right on all the files for this to work.


Yep, either place it before the website root directory or protect the directory
with .htaccess.

If it's going to be a lot of files with a lot of users, I would recommend
managing access in a database. By this I don't mean to use the database itself
to manage the security; rather use it in your PHP code to identify who can
access what).
Any scripts available to do this ?

No idea. Quite basic stuff.
You can roll your own.
Have a look at www.php.net, and look for fopen() and the other
filefunctions.


I agree. This is something that's just faster to write yourself than 1) Search
the internet, 2) Determine which is closest to your needs, 3) Understand the
code so that you can 4) Modify it to meet your exact needs.

Thanks

Good luck.

Regards,
Erwin Moller

--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
js*******@attglobal.net
==================
May 30 '06 #3

This discussion thread is closed

Replies have been disabled for this discussion.

Similar topics

10 posts views Thread by StevePBurgess | last post: by
3 posts views Thread by Matthew Moran | last post: by
1 post views Thread by Jeff Cooper | last post: by
10 posts views Thread by Atley | last post: by
nathj
21 posts views Thread by nathj | last post: by
7 posts views Thread by =?Utf-8?B?QU9UWCBTYW4gQW50b25pbw==?= | last post: by
reply views Thread by NPC403 | last post: by
By using this site, you agree to our Privacy Policy and Terms of Use.