Posted by Andy Hassall on 12/23/05 00:47

On Thu, 22 Dec 2005 17:01:55 -0500, "Yannick Benoit" <yanglike@sympatico.ca>
wrote:

>anyone can tell me a way to protect files from being downloaded from other
>sites using php ?

Bear in mind that sites don't download files - clients do. Do you really mean
you want to prevent other sites linking to your files?

You could put the files behind some sort of login system.

Checking HTTP_REFERER will no doubt be mentioned, but this is unreliable -
browsers are under no obligation to send the header, or populate it with the
correct value. It might be reliable enough for your needs; I don't know what
the numbers are on how many browsers send real referrer values, at a wild guess
I'd say maybe 75%? To avoid annoying legitimate users, it should accept blank
values for HTTP_REFERER, and only reject values that don't match your site, if
you choose this method.

--
Andy Hassall :: andy@andyh.co.uk :: http://www.andyh.co.uk
http://www.andyhsoftware.co.uk/space :: disk and FTP usage analysis tool

• Next in forum: Re: Just a quick regular expression question!
• Prev in forum: Re: modrewrites (different rewrites but same destination - is this possible) ?
• Thread view: Re: file protection

[Reply to this message]