Posted by Sebastian Scherhans on 05/25/05 22:34
hey...
do something like this:
download.php (the file that handles the file stream)
<script language="php">
session_start();
if ($_SESSION['download'] == 'filexyz.exe')
// NOTE: Here you can use any download-check. this is just
// an example.
{
$root_dir = 'C:';
$fp = fopen($root_dir . '\\' . $_REQUEST['file'], 'r');
fpassthru($fp);
fclose($fp);
}
</script>
----
and the mainfile can be like
<a href='download.php?file=filexyz.exe'>
now, nobody can see the directory, where to files are in and only
the script can access them. you might have to pass the session-id, too.
[Back to original message]
|