hi,

I put a file "setup.exe" in a directory "downloaddir\"

I want to build PHP code, so that only registered users are able to
download the file.

How to make the directory / files only available to registered users using
PHP code?

(So that other users cannot download the file using direct url
"http:\\www.abcd.org\downloaddir\setup.exe" )


TIA
Rian

On Apr 7, 2008, at 11:56 AM, Rian Hidayanto wrote:
> hi,
>
> I put a file "setup.exe" in a directory "downloaddir\"
>
> I want to build PHP code, so that only registered users are able to
> download the file.
>
> How to make the directory / files only available to registered users
> using
> PHP code?
>
> (So that other users cannot download the file using direct url
> "http:\\www.abcd.org\downloaddir\setup.exe" )
>

I can give you the basics of this and hopefully someone can fill in
the gaps... What you need to do is put the actual file above the
webroot... and then set the include path to include that, then you
have your script go and fetch it.

Maybe this way makes more sense:
<HD>
<Web>
<Downloads>
<mydispatchscript.php>
<INC>
<setup.exe>
</HD>

so basically, in your php.ini file make sure you include the <INC>
directory and include the whole path to it. and you will be able to
access it but no one will be able to access the file directly.


>
> TIA
> Rian
>
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>

--

Jason Pruim
Raoset Inc.
Technology Manager
MQC Specialist
3251 132nd ave
Holland, MI, 49424-9337
www.raoset.com
japruim@raoset.com

On Mon, Apr 7, 2008 at 11:56 AM, Rian Hidayanto <rian.smart@gmail.com> wrote:
> hi,
>
> I want to build PHP code, so that only registered users are able to
> download the file.
>
> (So that other users cannot download the file using direct url
> "http:\\www.abcd.org\downloaddir\setup.exe" )

This is just to get you started. Polishing,
modifying/customizing, and sanitizing, you're on your own.

<?php
// download.php
session_start();

if(!isset($_SESSION['username'])) {
die("Unauthorized access.");
}

// Keep the directory out of the web root.
$download = '../downloads/download.exe';

$filename = basename($download);

header("Pragma: public")
header("Expires: 0");
header("Cache-Control: must-revalidate, post-check=0, pre-check=0");
header("Cache-Control: public");
header("Content-Description: File Transfer");
header("Content-Type: application/octet-stream");
header("Content-Disposition: attachment; filename=".$filename.";");
header("Content-Transfer-Encoding: binary");
header("Content-Length: ".sizeof($download);
readfile($download);
exit(0);

?>


--
</Daniel P. Brown>
Ask me about:
Dedicated servers starting @ $59.99/mo., VPS starting @ $19.99/mo.,
and shared hosting starting @ $2.50/mo.
Unmanaged, managed, and fully-managed!