|
Posted by Armand Brahaj on 05/13/07 23:30
Zoe Brown wrote:
>> Then, you have a file called "streamFile.php".... your user clicks on
>> the link "streamFile.php?key=3197fhduabsd", and your script looks up the
>> file according to the key, then uses readfile(); or a custom function to
>> stream the file to the browser....
>
> great, can you tell me a bit more about streaming the file to the browser,
> would this work for pdfs ? i presume this wont mean that they will abel to
> rightclick and download though ?
>
> but isn't you approach just as risky as having the pdf file in the public
> domain with a random name.
>
>> Or, you could go with .htaccess entirely. But using a combo of
>> .htaccess, sessions and databases to control user access is more often a
>> headache than not. And asking people to enter a username/password more
>> than once is incredibly annoying and bad user interface design.
>
> Thanks for your input, I agree 100%. I thought that the .htaccess thing was
> the right way forward but am now reconsidering.
> Thanks again.
>
>
Maybe you should just consider having a PHP Script which does the
managment of the .htaccess users.
This way you can use the .htaccess to protect a directory, and you will
have a php Script that will add/delete users that has access to this
directory (.htaccess /.htpasswd).
I think I have seen once a similar script named phpaccess.php. Maybe you
can still find it around!
[Back to original message]
|