Posted by Hans van Kranenburg on 10/06/47 11:18

DMacedo wrote:
> Place the PDF outside of the web root and use readfile()
> http://php.net/readfile function after verifying the user in a
> download script, along with this, you should send the needed header()
> http://php.net/header (filesize, type, forcing download if you wish,
> etc).

Additionaly, you can use mod_rewrite to rewrite urls to the script.

e.g. when using http://www.foo.com/download/index.php?f=bar.pdf, the
users save as... box wants to save the file 'index.php'

when you link to http://www.foo.com/download/bar.pdf and use some simple
rewrite rules to internally rewrite /download/bar.pdf to
/download/index.php?f=bar.pdf, the save as... box of the user wants to
save the file as 'bar.pdf'

Hans

--
"He who asks a question is a fool for five minutes;
he who does not ask a question remains a fool forever"

• Next in forum: Re: Risk of stealing php code?
• Prev in forum: Persistent connections not limited to one Apache-process?
• Thread view: Re: Protecting unauthorized viewing of non-php files

[Reply to this message]