Reply to Re: Hide files from non-members — PHP Programming Language

Posted by nokan on 02/16/07 12:52

On 16 Feb, 13:00, Erwin Moller
<since_humans_read_this_I_am_spammed_too_m...@spamyourself.com> wrote:
> n...@spray.se wrote:
> > Hello!
> > I'm trying to secure pdf-files from users that are not logged in on a
> > site.
> > What I have tried now is to make a .htaccess file in the directory
> > where the pdf's are with "deny from all" which stops everyone from
> > downloading them. Then in the member-area when a user wants to
> > download a pdf a php-script copies the pdf-file from the secured-
> > folder to a temp-folder and renames it to some random file-name that
> > the user can download. Then when the user are ready with the download
> > I want the temp-file to be deleted automaticly
>
> Hi,
>
> But how do you know when the user is finished downloading the pdf with the
> random filename?
>
> to prohibit other non-
>
> > members to find it? How can I do this?
> > Maybe someone have another totally different solution to secure files?
> > Regards
> > /Samuel
>
> It might be easier to just place the files in a directory with 'deny from
> all' in the .htaccess (as you already did), and read the file with PHP.
> Then let PHP deliver its content to the browser.
>
> Have a look at the filefunctions at php.net.
> Here is the function file_get_contents():http://nl2.php.net/manual/en/function.file-get-contents.php
>
> (I have wondered why that function isn't named file_get_content() instead of
> the plural form...)
>
> If you let PHP deliver the PDF, make sure PHP sets the right header for the
> mimetype (not text/html, but application/pdf)
>
> In that way you can simply refuse the execute the downloadscript if the user
> is not logged in.
>
> Regards,
> Erwin Moller

Thank you for fast answer

I tried and it worked, i just did like this:

$str_pdf = file_get_contents("$pathtopdf");
echo $str_pdf;

Is this right? How can I set the right header?
When I did this the pdf-file that I downloaded got the same name as
the php-file that the script is in, how can I rename it to something
else?

[Back to original message]

Удаленная работа для программистов • Как заработать на Google AdSense • England, UK • статьи на английском • PHP MySQL CMS Apache Oscommerce • Online Business Knowledge Base • DVD MP3 AVI MP4 players codecs conversion help

Home • Search • Site Map • Set as Homepage • Add to Favourites

Сайт изготовлен в Студии Валентина Петручека —
изготовление и поддержка веб-сайтов, разработка программного обеспечения, поисковая оптимизация