Posted by Colin McKinnon on 03/02/07 21:33

Wesley Henwood wrote:

> I'm using a shared host. I want to have a directory for each user of
> my site where they can download a file unique to them. I wanted to
> use basic authentication, but learned that can be slow when number of
> users reaches just a few hundred, and I plan to have a few thousand.
>
> I read about the mod_authn_db* modules, how they are better for many
> users. However my shared hosting provider doesn't let me use it.
>
> What's a good alternative to mod_auth_db for having many users, and
> letting them download one or more files from their account directory"

This is nothing to do with PHP - other than the fact that you could
implement a solution using PHP.

The interesting things are all the things you haven't said.

These users - paying customers?
If not why are you jumping through hoops to provide them access to the
facilities you are paying for?
If so, then why are you relying on a ISP who can't accomodate your
requirements.

Why are you using Basic Authentication? This is not secure and you are
putting your users by using it. I can't believe that your ISP doesn't allow
digest authentication.

You are right that using dbm to store user information in scales much better
than text files - there are also modules which allow you to store
authentication information in LDAP, MySQL, Oracle and other databases too.

I suspect that there are already a large number of free PHP applications
that would meet your requirement - or could be easily adapted - try Google.

C.

[Back to original message]