 |
| Pro PHP Advanced PHP coding discussions. Beginning-level questions will be redirected to the Beginning PHP forum. |
Welcome to the p2p.wrox.com Forums.
You are currently viewing the Pro PHP section of the Wrox Programmer to Programmer discussions. This is a community of software programmers and website developers including Wrox book authors and readers. New member registration was closed in 2019. New posts were shut off and the site was archived into this static format as of October 1, 2020. If you require technical support for a Wrox book please contact http://hub.wiley.com
|
|
|
|
April 22nd, 2004, 09:43 PM
|
|
Registered User
|
|
Join Date: Apr 2004
Posts: 5
Thanks: 0
Thanked 0 Times in 0 Posts
|
|
can php protects my file ?
dear all,
i want to protect my file in my webserver, so anyone who want to download must login first (this is done using mysql)
but if anyone know the url, anyone can still download my file without login, then i use htaccess to protect, but by using htaccess i have to create every user which can access in my server (not in database), its usefull if i have a few user, what if i have many users ?
so, is it possible to protect file using php & mysql ?
rgrds
|
|
April 23rd, 2004, 03:16 AM
|
|
Friend of Wrox
|
|
Join Date: Jun 2003
Posts: 101
Thanks: 0
Thanked 1 Time in 1 Post
|
|
hey
how's it going... i think the reasonable thing to do here is to specify file properties, for instance a file might be: readable, writable, etc...
when user is not logged in, make sure the file is not readable (i think you should be familiar with -r-w parameters meaning "r" for read, "w" for write, etc...), and when the user logs in just attach the read or write attribute to the file....
check functions: chmod() and chown() on php.net
:D
the genuine genius
|
|
April 23rd, 2004, 03:56 AM
|
|
Registered User
|
|
Join Date: Apr 2004
Posts: 5
Thanks: 0
Thanked 0 Times in 0 Posts
|
|
thanks for the answer,
let say 2 users access my web, then the first one has login then my script changes the attribut.
and 2nd user no need to login, cause the file attribut already changed, so ?
because when user view my web they act as nobody:nobody
thanks
|
|
April 25th, 2004, 09:17 PM
|
|
Registered User
|
|
Join Date: Apr 2004
Posts: 5
Thanks: 0
Thanked 0 Times in 0 Posts
|
|
thank you all,
i've got the solution (from other forums), here:
- put the file that everybody want to download in directory that never published
- then copy it to the real directory when user click download
- after that delete that file
- so when people type in url directly, for example: http://www.a.com/download/file.zip, they will redirect to error page because file is not there :)
thanks for nikolai, but link that you've gave just talking about session and i've already knew and use that
thanks
|
|
May 15th, 2004, 08:45 PM
|
|
Registered User
|
|
Join Date: May 2004
Posts: 2
Thanks: 0
Thanked 0 Times in 0 Posts
|
|
Hey
I wasn't *entirely* sure what you were wanting, but copying files when people request them sounds slow to me!
You're much better to bun the files into a dir that is (as you put it) not published, then use php to read the contents of the file directly to the user, and change the HTTP headers as necassary.
Tell me if you need some sample code, and I'll paste it.
Cheers
Code:
+--------------------------------------------+
| Coldsteel - A dream, soon to be reality // |
| \\ |
| www.vsentinel.net , coming soon // |
+--------------------------------------------+
|
|
May 20th, 2004, 05:21 AM
|
|
Registered User
|
|
Join Date: May 2004
Posts: 3
Thanks: 0
Thanked 0 Times in 0 Posts
|
|
Another solution would be, to store the whole file in a database. It can be slower as the streaming method (descript from vsentinel), but you can build your own access rules for it (e.g. special groups or credit systems).
Ciao Alex...
|
|
|
