Hello!
I'm trying to secure pdf-files from users that are not logged in on a
site.
What I have tried now is to make a .htaccess file in the directory
where the pdf's are with "deny from all" which stops everyone from
downloading them. Then in the member-area when a user wants to
download a pdf a php-script copies the pdf-file from the secured-
folder to a temp-folder and renames it to some random file-name that
the user can download. Then when the user are ready with the download
I want the temp-file to be deleted automaticly to prohibit other non-
members to find it? How can I do this?
Maybe someone have another totally different solution to secure files?
Regards
/Samuel 13 1806
On 16 Feb, 11:33, n...@spray.se wrote:
Hello!
I'm trying to secure pdf-files from users that are not logged in on a
site.
What I have tried now is to make a .htaccess file in the directory
where the pdf's are with "deny from all" which stops everyone from
downloading them. Then in the member-area when a user wants to
download a pdf a php-script copies the pdf-file from the secured-
folder to a temp-folder and renames it to some random file-name that
the user can download. Then when the user are ready with the download
I want the temp-file to be deleted automaticly to prohibit other non-
members to find it? How can I do this?
Maybe someone have another totally different solution to secure files?
Regards
/Samuel
Read the file's contents and send it to the terminal with the correct
headers. No need to write a temp file at all.
You will use similar code to this, replacing the database with your
"hidden" files.
Also rather than using .htaccess to deny access, just hold the files
in a directory that isn't in the http root structure.
On 16 Feb, 11:52, "Captain Paralytic" <paul_laut...@yahoo.comwrote:
On 16 Feb, 11:33, n...@spray.se wrote:
Hello!
I'm trying to secure pdf-files from users that are not logged in on a
site.
What I have tried now is to make a .htaccess file in the directory
where the pdf's are with "deny from all" which stops everyone from
downloading them. Then in the member-area when a user wants to
download a pdf a php-script copies the pdf-file from the secured-
folder to a temp-folder and renames it to some random file-name that
the user can download. Then when the user are ready with the download
I want the temp-file to be deleted automaticly to prohibit other non-
members to find it? How can I do this?
Maybe someone have another totally different solution to secure files?
Regards
/Samuel
Read the file's contents and send it to the terminal with the correct
headers. No need to write a temp file at all.
You will use similar code to this, replacing the database with your
"hidden" files.
Also rather than using .htaccess to deny access, just hold the files
in a directory that isn't in the http root structure.
Oops, missed the link! http://www.onlamp.com/pub/a/onlamp/2...09/webdb2.html no***@spray.se wrote:
Hello!
I'm trying to secure pdf-files from users that are not logged in on a
site.
What I have tried now is to make a .htaccess file in the directory
where the pdf's are with "deny from all" which stops everyone from
downloading them. Then in the member-area when a user wants to
download a pdf a php-script copies the pdf-file from the secured-
folder to a temp-folder and renames it to some random file-name that
the user can download. Then when the user are ready with the download
I want the temp-file to be deleted automaticly
Hi,
But how do you know when the user is finished downloading the pdf with the
random filename?
to prohibit other non-
members to find it? How can I do this?
Maybe someone have another totally different solution to secure files?
Regards
/Samuel
It might be easier to just place the files in a directory with 'deny from
all' in the .htaccess (as you already did), and read the file with PHP.
Then let PHP deliver its content to the browser.
Have a look at the filefunctions at php.net.
Here is the function file_get_contents(): http://nl2.php.net/manual/en/functio...t-contents.php
(I have wondered why that function isn't named file_get_content() instead of
the plural form...)
If you let PHP deliver the PDF, make sure PHP sets the right header for the
mimetype (not text/html, but application/pdf)
In that way you can simply refuse the execute the downloadscript if the user
is not logged in.
Regards,
Erwin Moller
On 16 Feb, 13:00, Erwin Moller
<since_humans_read_this_I_am_spammed_too_m...@spam yourself.comwrote:
n...@spray.se wrote:
Hello!
I'm trying to secure pdf-files from users that are not logged in on a
site.
What I have tried now is to make a .htaccess file in the directory
where the pdf's are with "deny from all" which stops everyone from
downloading them. Then in the member-area when a user wants to
download a pdf a php-script copies the pdf-file from the secured-
folder to a temp-folder and renames it to some random file-name that
the user can download. Then when the user are ready with the download
I want the temp-file to be deleted automaticly
Hi,
But how do you know when the user is finished downloading the pdf with the
random filename?
to prohibit other non-
members to find it? How can I do this?
Maybe someone have another totally different solution to secure files?
Regards
/Samuel
It might be easier to just place the files in a directory with 'deny from
all' in the .htaccess (as you already did), and read the file with PHP.
Then let PHP deliver its content to the browser.
Have a look at the filefunctions at php.net.
Here is the function file_get_contents():http://nl2.php.net/manual/en/functio...t-contents.php
(I have wondered why that function isn't named file_get_content() instead of
the plural form...)
If you let PHP deliver the PDF, make sure PHP sets the right header for the
mimetype (not text/html, but application/pdf)
In that way you can simply refuse the execute the downloadscript if the user
is not logged in.
Regards,
Erwin Moller
Thank you for fast answer
I tried and it worked, i just did like this:
$str_pdf = file_get_contents("$pathtopdf");
echo $str_pdf;
Is this right? How can I set the right header?
When I did this the pdf-file that I downloaded got the same name as
the php-file that the script is in, how can I rename it to something
else?
On 16 Feb, 12:52, n...@spray.se wrote:
On 16 Feb, 13:00, Erwin Moller
<since_humans_read_this_I_am_spammed_too_m...@spam yourself.comwrote:
n...@spray.se wrote:
Hello!
I'm trying to secure pdf-files from users that are not logged in on a
site.
What I have tried now is to make a .htaccess file in the directory
where the pdf's are with "deny from all" which stops everyone from
downloading them. Then in the member-area when a user wants to
download a pdf a php-script copies the pdf-file from the secured-
folder to a temp-folder and renames it to some random file-name that
the user can download. Then when the user are ready with the download
I want the temp-file to be deleted automaticly
Hi,
But how do you know when the user is finished downloading the pdf with the
random filename?
to prohibit other non-
members to find it? How can I do this?
Maybe someone have another totally different solution to secure files?
Regards
/Samuel
It might be easier to just place the files in a directory with 'deny from
all' in the .htaccess (as you already did), and read the file with PHP.
Then let PHP deliver its content to the browser.
Have a look at the filefunctions at php.net.
Here is the function file_get_contents():http://nl2.php.net/manual/en/functio...t-contents.php
(I have wondered why that function isn't named file_get_content() instead of
the plural form...)
If you let PHP deliver the PDF, make sure PHP sets the right header for the
mimetype (not text/html, but application/pdf)
In that way you can simply refuse the execute the downloadscript if the user
is not logged in.
Regards,
Erwin Moller
Thank you for fast answer
I tried and it worked, i just did like this:
$str_pdf = file_get_contents("$pathtopdf");
echo $str_pdf;
Is this right? How can I set the right header?
When I did this the pdf-file that I downloaded got the same name as
the php-file that the script is in, how can I rename it to something
else?- Hide quoted text -
- Show quoted text -
Look a tmy answer to you. I gave you a link to a page that told you
how to do it!
Captain Paralytic wrote:
On 16 Feb, 12:52, n...@spray.se wrote:
>On 16 Feb, 13:00, Erwin Moller
<since_humans_read_this_I_am_spammed_too_m...@spa myourself.comwrote:
n...@spray.se wrote:
Hello!
I'm trying to secure pdf-files from users that are not logged in on a
site.
What I have tried now is to make a .htaccess file in the directory
where the pdf's are with "deny from all" which stops everyone from
downloading them. Then in the member-area when a user wants to
download a pdf a php-script copies the pdf-file from the secured-
folder to a temp-folder and renames it to some random file-name that
the user can download. Then when the user are ready with the download
I want the temp-file to be deleted automaticly
Hi,
But how do you know when the user is finished downloading the pdf with
the random filename?
to prohibit other non-
members to find it? How can I do this?
Maybe someone have another totally different solution to secure
files? Regards
/Samuel
It might be easier to just place the files in a directory with 'deny
from all' in the .htaccess (as you already did), and read the file with
PHP. Then let PHP deliver its content to the browser.
Have a look at the filefunctions at php.net.
Here is the function
file_get_contents(): http://nl2.php.net/manual/en/functio...t-contents.php
>>
(I have wondered why that function isn't named file_get_content()
instead of the plural form...)
If you let PHP deliver the PDF, make sure PHP sets the right header for
the mimetype (not text/html, but application/pdf)
In that way you can simply refuse the execute the downloadscript if the
user is not logged in.
Regards,
Erwin Moller
Thank you for fast answer
I tried and it worked, i just did like this:
$str_pdf = file_get_contents("$pathtopdf"); echo $str_pdf;
Is this right? How can I set the right header? When I did this the pdf-file that I downloaded got the same name as the php-file that the script is in, how can I rename it to something else?- Hide quoted text -
- Show quoted text -
Look a tmy answer to you. I gave you a link to a page that told you
how to do it!
Yup. I second that.
I just scanned through it, and it looks like a good resource.
Of course it is: It is from O'Reilly. ;-)
Good luck/happy coding.
Regards,
Erwin Moller
>>- Show quoted text -
>Look a tmy answer to you. I gave you a link to a page that told you how to do it!
Yup. I second that.
I just scanned through it, and it looks like a good resource.
Of course it is: It is from O'Reilly. ;-)
Just because you can store images in a db doesn't make it a good idea.
Just use http://www.php.net/manual/en/function.readfile.php (check the
example in the comments)
--
Arjen http://www.hondenpage.com - Mijn site over honden
On 20 Feb, 09:29, Arjen <d...@mail.mewrote:
Just because you can store images in a db doesn't make it a good idea.
That is true, but it happens to be a good idea anyway!
Captain Paralytic schreef:
On 20 Feb, 09:29, Arjen <d...@mail.mewrote:
>Just because you can store images in a db doesn't make it a good idea.
That is true, but it happens to be a good idea anyway!
Why .. in what situation would bad performance be a good idea ?
--
Arjen http://www.hondenpage.com - Mijn site over honden
On 20 Feb, 10:56, Arjen <d...@mail.mewrote:
Captain Paralytic schreef:
Why .. in what situation would bad performance be a good idea ?
You have evidence for the statement about bad performance?
Jerry Stuckle has provided lots of evidence for good performance and
ease of management of files/images in databases. I too have found that
the performance is excellent.
Arjen wrote:
Captain Paralytic schreef:
>On 20 Feb, 09:29, Arjen <d...@mail.mewrote:
>>Just because you can store images in a db doesn't make it a good idea.
That is true, but it happens to be a good idea anyway!
Why .. in what situation would bad performance be a good idea ?
Never of course. Unless it gives some other benefit, like ease of migration.
But when you migrate having a database is a little less headache, because
you don't have to worry about the new path, permissions, etc.
(I also never store files (images, documents) in a database, but just the
reference/filename.)
Regards,
Erwin Moller
Captain Paralytic schreef:
On 20 Feb, 10:56, Arjen <d...@mail.mewrote:
>Captain Paralytic schreef: Why .. in what situation would bad performance be a good idea ?
You have evidence for the statement about bad performance?
Jerry Stuckle has provided lots of evidence for good performance and
ease of management of files/images in databases. I too have found that
the performance is excellent.
Ill test it tomorrow. Right now im inserting 100k pics into a db :-)
--
Arjen http://www.hondenpage.com - Mijn site over honden
Arjen schreef:
Captain Paralytic schreef:
>On 20 Feb, 10:56, Arjen <d...@mail.mewrote:
>>Captain Paralytic schreef: Why .. in what situation would bad performance be a good idea ?
You have evidence for the statement about bad performance?
Jerry Stuckle has provided lots of evidence for good performance and ease of management of files/images in databases. I too have found that the performance is excellent.
Ill test it tomorrow. Right now im inserting 100k pics into a db :-)
I uploaded 10k (not 100k) pics to my db. On average a page with 100
generated images from a blob entry took 4 secs to load. 100 random
images (varchar 255) took 0.4 secs to load.
--
Arjen http://www.hondenpage.com - Mijn site over honden This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics
by: genetic.error |
last post by:
I'm moving from Vb6 to VB.Net. I have a feeling this has come up
before...
The VS.Net MSDN file seems to state that the following should work:
Form1.Show
Form1.Visible = True
Form1.Hide...
|
by: Lea |
last post by:
Not only does my boss want to hide files from some
developers, he wants to be able to hide different files
from different users. We already use source control to
ensure that people cannot check...
|
by: ATS |
last post by:
I need to hide/reveal parts of a web page using javascript. I think I can
do with using the <span> tag, but I've been away from it for a while and
don't remember. Any pointers, examples?
|
by: Tim |
last post by:
Has anyone found a way to hide the toolbar, address bar, and menu in
the current web browser window? I cannot window.open as this method has
been defeatured due to security in IE. Works in Firefox...
|
by: Efkas |
last post by:
I have a full custom application with some widged extending Controls
like Label and PictureBox. I build a menu with these widgets. When
I click on one of them, it calls a function to display...
|
by: Sharon |
last post by:
hi
i'm installing ASP app on my client server ,
is there any option i can hide the ASP.Net code from him ?
one way is using library (dll) and minimize the server code
any other idea ?
thank...
|
by: brett |
last post by:
Is there a way to hide files in VS.NET 2005 that are excluded from an
ASP.NET project? In a winforms project, you there is a an option in
the solution explorer to show/hide all files. Toggling it...
|
by: Norman |
last post by:
Hello,
I have a working Show / Hide form, that works on FF, but what I would
like to do is to be able to display one part when a user clicks on one
radio button and display another part when the...
|
by: PhilTheGap |
last post by:
Hello,
I woulf like to hide an activeX object in a aspx page. The ActiveX is
decalred statically in the HTML code, and I'e tried to set the html visible
"property" to "false" in the javascript...
|
by: Debadatta Mishra |
last post by:
Introduction
In this article I will provide you an approach to manipulate an image file. This article gives you an insight into some tricks in java so that you can conceal sensitive information...
|
by: Charles Arthur |
last post by:
How do i turn on java script on a villaon, callus and itel keypad mobile phone
|
by: ryjfgjl |
last post by:
In our work, we often receive Excel tables with data in the same format. If we want to analyze these data, it can be difficult to analyze them because the data is spread across multiple Excel files...
|
by: emmanuelkatto |
last post by:
Hi All, I am Emmanuel katto from Uganda. I want to ask what challenges you've faced while migrating a website to cloud.
Please let me know.
Thanks!
Emmanuel
|
by: BarryA |
last post by:
What are the essential steps and strategies outlined in the Data Structures and Algorithms (DSA) roadmap for aspiring data scientists? How can individuals effectively utilize this roadmap to progress...
|
by: nemocccc |
last post by:
hello, everyone, I want to develop a software for my android phone for daily needs, any suggestions?
|
by: Sonnysonu |
last post by:
This is the data of csv file
1 2 3
1 2 3
1 2 3
1 2 3
2 3
2 3
3
the lengths should be different i have to store the data by column-wise with in the specific length.
suppose the i have to...
|
by: Oralloy |
last post by:
Hello folks,
I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>".
The problem is that using the GNU compilers,...
|
by: Hystou |
last post by:
Overview:
Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows...
|
by: agi2029 |
last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing,...
| |