Re: Password protecting downloads — PHP Programming Language

You are here: Re: Password protecting downloads « PHP Programming Language « IT news, forums, messages

Posted by Iain Napier on 12/17/05 13:52

Peter Fox wrote:
>
> Fine (when set to point outside the web root) so long as you know that
> your security model is "the key's under the mat". Ie. the you can't
> revoke permission to a single user, and you've opened up the complete
> archive to all users.
>
> BTW here is your starter for 10.
> How steps should you take to stop somebody trying to access the php
> sources by trying out a few possibilities like
> "filedownload.php?file=../www/filedownload.php"?

Hi Peter,

Thanks for the comments. All the filenames are stored in a MySQL
database, and the filename is validated against what's in there before
filedownload.php allows the user to get it.

Navigation:

Next in forum: Re: fsockopen's timeout parameter
Prev in forum: Re: Password protecting downloads
Thread view: Re: Password protecting downloads

[Reply to this message]

Удаленная работа для программистов • Как заработать на Google AdSense • England, UK • статьи на английском • PHP MySQL CMS Apache Oscommerce • Online Business Knowledge Base • DVD MP3 AVI MP4 players codecs conversion help

Home • Search • Site Map • Set as Homepage • Add to Favourites

Сайт изготовлен в Студии Валентина Петручека —
изготовление и поддержка веб-сайтов, разработка программного обеспечения, поисковая оптимизация