Posted by Iain Napier on 12/17/05 05:29

alex wrote:
>
> Secondly, you can store the files outside of the webroot.. sounds like
> you're using shared hosting here, so instead of putting the files in
> your public_http, put them somewhere else, then your download script
> just sources that file, whereever it is (fopen) and sends it..

I've just realised I can change permissions on this server, so if I
create a subdirectory in wwwroot called privatearea, put my file1.zip in
there and remove the public read permission, a web browser can't get
it's hands on it.

Now, I create a test.php in the same directory as file1.zip and using
$_SERVER['PATH_TRANSLATED'], I get the full file system path to where my
files are. So:

$file="/full/path/to/my/wwwroot/privatearea/file1.zip"
if ($file_handle=fopen($file,"r")) echo("PHP can read the file!");

And I see PHP can read the file okay, but web browsers don't get direct
access to it.

Presumably I can now use fopen to send the data back via PHP?

Thanks for the pointer in your first post, I seem to be on the right
track now I hope. Tomorrow I'll try and work out how to have PHP send
the file back.. 3.30 am now :-\

[Back to original message]