473,382 Members | 1,692 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

home > topics > php > questions > restrict access to directory revisited

Join Bytes to post your question to a community of 473,382 software developers and data experts.

restrict access to directory revisited

I have a problem identical to this one that was posted a couple of years ago

"I am making a website with a members area. I have used some basic
session management to create a login page and then use the session to
control access to other pages.

I need to have a directory within the members area where the
organisation will upload files such as minutes of meetings, agendas,
etc. etc.. I want to be able to list the files in this directory on a
members only page, which I can do with opendir() readdir() etc. and some
formating to put links around the filenames.

My question is. How do I protect the files in that directory from being
accessed by somebody who knows the full path and file name?"

The best anwser was this one,

"Save the file in a folder that's not accessible through Apache, then use a
PHP script for file downloading:

<a href="download.php?file=whatsup.doc"> ... </a>

download.php:

$file = basename($file);
$filepath = "$download_folder/$file";

.... check to see if user is logged in ...

header("Content-type: application/x-octet-stream");
header("Content-Disposition: attachment; filename=$file");
session_write_close();
readfile($filepath);"

I got that to work, but that is not exactly what I want to do, that script creates a download link, I just want to display the file (pdf) as if it were a simple hyperlink. Can someone help me with a script that does that.
Oct 28 '11 #1
2 1409
zorgi
431 Expert 256MB
You would have to send appropriate HTTP headers for each file.

For eaxmple for pdf files :

Expand|Select|Wrap|Line Numbers
  1. header('Content-type: application/pdf');
  2. readfile("path/to/your/pdf/file.pdf");
or for jpg

Expand|Select|Wrap|Line Numbers
  1. header("Content-type: image/jpg");
  2. readfile("path/to/your/jpg/file.jpg");
Oct 28 '11 #2
Thank you zorgi,

This is the script I am wrote from what you gave me,

Expand|Select|Wrap|Line Numbers
  1. <?php
  2.     //check to see if user is logged in
  3.     require_once('auth.php');
  4.  
  5.     if(isset($_GET['file'])) {
  6.         $file = $_GET['file'];
  7.         header('Content-type: application/pdf');
  8.         readfile($file);
  9.     }
  10. ?>
And it works nicely,

Rob
Oct 29 '11 #3

Sign in to post your reply or Sign up for a free account.

Similar topics

3
Restrict Access Problem
by: Paul | last post by:
Hi all, at present I I've built a website which can be updated by admin and users. My problem, I've combined "log in" and "access levels" to restrict access to certain pages, using the built...
ASP / Active Server Pages
1
Programatically restrict access to windows features
by: Chloesdad | last post by:
Hi, I have a request from a client to restrict access to windows features (start bar, CRTL-ALT-DEL etc) for certain users of our software (operators), but to allow it for others...
.NET Framework
1
Cookie Authentication: Restrict Access to Page
by: sonik son | last post by:
Have a family website which requires username and password to access. I have the code to set a cookie ("user") upon successfull login. However, I cannot figure out how to allow access to the site...
Javascript
2
How to restrict access to Files/Folders
by: Khaled Hussein | last post by:
Hello, I would like to know how can I restrict access for specific files and folders for specific running processes. For example: Lets say we have three running process P1, P2, and P3, I want to...
C# / C Sharp
0
Ways to restrict access to some methods in .net Components?
by: dotnettester | last post by:
Hi, I am wondering if there is a way to restrict access to some methods within a component to some developers and restrict it to others??
ASP.NET
5
Restrict Access by Application
by: toddles666 | last post by:
Hi- Is there any way of restricting access to a database by application & account? For example, I only want the application APP1 to access the database using the USER1 account. I've tried to...
DB2 Database
1
Restrict Access to WebService to Certain Client URLs
by: Eeraj | last post by:
I would like to restrict access to my ASP.NET web services so that they can be accessed only by clients from specific ASP.NET based sites. Example: I want to grant access to...
.NET Framework
1
Need to restrict access to same pages on a web site
by: thavaht | last post by:
I’ve been searching on the forum and don’t seem to find a post that matches my question: I need to restrict access to some php pages on a web site to computers on the same domain or local network,...
PHP
2
How can I restrict access to a data file?
by: phpnoob | last post by:
I have a php script that processes a form and then posts the user input to a data file on the server in a comma delimited format. For simplicity call the file "data.csv." The script is working...
PHP
3
restrict access to page based on querystring value
by: =?Utf-8?B?R1ROMTcwNzc3?= | last post by:
Hi there, I've got the standard Dreamweaver restrict access to page behaviour below – <% ' *** Restrict Access To Page: Grant or deny access to this page MM_authorizedUsers="1,2,3"...
ASP / Active Server Pages
0
isladogs
Access Europe: Command bars, the Access Shortcut Tool and a simple Audit Log - Wed 3 April
by: isladogs | last post by:
The next Access Europe User Group meeting will be on Wednesday 3 Apr 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM). In this session, we are pleased to welcome former...
General
0
Easy Steps to Fix "Canon Printer Won't Connect to WiFi Network"
by: taylorcarr | last post by:
A Canon printer is a smart device known for being advanced, efficient, and reliable. It is designed for home, office, and hybrid workspace use and can also be used for a variety of purposes. However,...
General
0
How to turn on java script in a villaon keypad mobile phone
by: Charles Arthur | last post by:
How do i turn on java script on a villaon, callus and itel keypad mobile phone
Java
0
Basic Javascript concepts
by: aa123db | last post by:
Variable and constants Use var or let for variables and const fror constants. Var foo ='bar'; Let foo ='bar';const baz ='bar'; Functions function $name$ ($parameters$) { } ...
Javascript
0
Merging data from multiple Excel files
by: ryjfgjl | last post by:
In our work, we often receive Excel tables with data in the same format. If we want to analyze these data, it can be difficult to analyze them because the data is spread across multiple Excel files...
Data Management
0
BarryA
Navigating the Data Structures and Algorithms (DSA)
by: BarryA | last post by:
What are the essential steps and strategies outlined in the Data Structures and Algorithms (DSA) roadmap for aspiring data scientists? How can individuals effectively utilize this roadmap to progress...
Algorithms / Advanced Math
1
Looking to do Android software development, any suggestions? Is flutter better?
by: nemocccc | last post by:
hello, everyone, I want to develop a software for my android phone for daily needs, any suggestions?
General
1
Is that possible of reading the .csv file in column wise and the column have different lengths ?
by: Sonnysonu | last post by:
This is the data of csv file 1 2 3 1 2 3 1 2 3 1 2 3 2 3 2 3 3 the lengths should be different i have to store the data by column-wise with in the specific length. suppose the i have to...
C / C++
0
How to build RAID in BIOS?
by: Hystou | last post by:
There are some requirements for setting up RAID: 1. The motherboard and BIOS support RAID configuration. 2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
Computer Hardware

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes:
Post a Job
Sponsored Posts
Platinum & Gold Sponsors
Hire Now!