473,394 Members | 1,750 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

home > topics > php > questions > protecting files and directories with php

Join Bytes to post your question to a community of 473,394 software developers and data experts.

protecting files and directories with php

Hello,
I've got a situation where i have a directory called "example". In this
area i have three files, an index page that has a form on it in to which
user's can authenticate, a page displaying either success or failure and if
success redirects to a downloadable file. I don't want this downloadable
file to be had by a direct url access, user's should have to authenticate to
get it. I want to use php4 for this and if possible since this is a
lightweight requirement i don't want to implement a database solution. Any
pointers or howtos appreciated.
Thanks.
Dave.
Jul 17 '05 #1
1 1827
On Sun, 18 Jul 2004 05:25:54 +0000, dave wrote:
Hello,
I've got a situation where i have a directory called "example". In this
area i have three files, an index page that has a form on it in to which
user's can authenticate, a page displaying either success or failure and if
success redirects to a downloadable file. I don't want this downloadable
file to be had by a direct url access, user's should have to authenticate to
get it. I want to use php4 for this and if possible since this is a
lightweight requirement i don't want to implement a database solution. Any
pointers or howtos appreciated.
Thanks.
Dave.

Drop the directory outside of the Web root so that it can't be accessed
via a URL and use the readfile() and header() functions to serve the file.

A quick and dirty example (please note the lack of security / validation
in the example code):
foo.com/download?file=bar.zip
<?php
if (strlen($_GET['file']) > 0) {
if (file_exists(dirname(__FILE__) . '/../' . $_GET['file']) and
is_readable(dirname(__FILE__) . '/../' . $_GET['file'])
) {
header('Content-type: application/zip');
readfile(dirname(__FILE__) . '/../' . $_GET['file']);
exit;
} else {
die('Cannot serve file.');
}
}
?>
Your "authentication" is obviously done separately.

The other solution is to obviously use .htaccess control and not use PHP
at all =)
HTH.

Regards,

Ian

--
Ian.H
digiServ Network
London, UK
http://digiserv.net/

Jul 17 '05 #2
New Post

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

5
are directories files?
by: Tum | last post by:
Hi folks, I've been trying to make a decision and it's driving me crazy. Is a directory a file or is a directory NOT a file but a node? Should I have A)
Java
6
protecting the python code.
by: nell | last post by:
Hi all, I've developed a testing application in python, and should supply it in a way that no one (lets say they are regular users) will understand it and edit it. The application source is all...
Python
4
Working With Files Above Site's Root Directory
by: Jerry | last post by:
I'm having just a bit of trouble wrapping my brain around the task of working with folders that are above the site's root folder. I let users upload photos (.jpg/.gif files) which can...
ASP.NET
1
Protecting multiple directories
by: Maziar Aflatoun | last post by:
Hi everyone, I have a website that requires 2 separate sections to be password protected (/admin and /admin2) so that for ex. once the user in /admin2 is authenticated he/she can then view...
ASP.NET
8
Password protecting downloads
by: Iain Napier | last post by:
I'm in the middle of developing a website with a downloads section. It's a wad of educational software for an LEA which for obvious reasons needs password protecting. Users have to authenticate...
PHP
4
Populate ListBox With Directories & Files
by: rn5a | last post by:
I have a ListBox which should list all the files & directories that exist in a particular directory. The problem is I can get the ListBox to list either all the files or all the directories but not...
ASP.NET
2
Monitoring and copying files
by: Alan Bak | last post by:
HI I am running Active Perl on a Windows XP machine. I am hoping to get some advise on a strategy to monitor and copy files that are arriving in a directory and need to be copied to a second...
Perl
0
For certain directories, protecting files from direct access that match a naming pattern OR mediating http access through my app
by: Ken Fine | last post by:
Short version: I want to know how in ASP.NET I could bar direct http access to some files in a directory that match a pattern, but not others. An alternate solution would be to bar all direct http...
ASP.NET
16
Protecting a whole directory - PHP Authentication
by: rogerjames1 | last post by:
How would I go about protecting a whole directory, e.g. http://www.example.com/members/ and all sub-directories with login protection? I wouldn't like to put a .php script in each directory and...
PHP
0
How to turn on java script in a villaon keypad mobile phone
by: Charles Arthur | last post by:
How do i turn on java script on a villaon, callus and itel keypad mobile phone
Java
0
Merging data from multiple Excel files
by: ryjfgjl | last post by:
In our work, we often receive Excel tables with data in the same format. If we want to analyze these data, it can be difficult to analyze them because the data is spread across multiple Excel files...
Data Management
1
Looking to do Android software development, any suggestions? Is flutter better?
by: nemocccc | last post by:
hello, everyone, I want to develop a software for my android phone for daily needs, any suggestions?
General
1
Is that possible of reading the .csv file in column wise and the column have different lengths ?
by: Sonnysonu | last post by:
This is the data of csv file 1 2 3 1 2 3 1 2 3 1 2 3 2 3 2 3 3 the lengths should be different i have to store the data by column-wise with in the specific length. suppose the i have to...
C / C++
0
How to build RAID in BIOS?
by: Hystou | last post by:
There are some requirements for setting up RAID: 1. The motherboard and BIOS support RAID configuration. 2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
Computer Hardware
0
marktang
What is ONU?
by: marktang | last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However,...
General
0
Oralloy
Problem With Comparison Operator <=> in G++
by: Oralloy | last post by:
Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers,...
C / C++
0
The easy way to turn off automatic updates for Windows 10/11
by: Hystou | last post by:
Overview: Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows...
Windows Server
0
tracyyun
Discussion: How does Zigbee compare with other wireless protocols in smart home applications?
by: tracyyun | last post by:
Dear forum friends, With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each...
General

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes:
Post a Job
Sponsored Posts
Platinum & Gold Sponsors
Hire Now!