Board index   FAQ   Search  
Register  Login
Board index PHP PHP Scripts

How to limit access to a file to certain users

Links for php scripts

Moderators: macek, egami, gesf

How to limit access to a file to certain users

Postby cdmurray_80 » Fri Apr 04, 2003 11:41 am

I have a PHP-based web site running on an apache server (at ipowerweb). On this site, users can upload files, and I want those files to only be downloadable by that user, a group of viewers, and administrators.
How do I accomplish this? Does PHP have some way to do it, or do I have to use tha apache-based security to limit access to files by writting out .htaccess and .htpasswd for each directory? Can a php script in a public directory serve a file in a sercure directory to a user as though that file were part of the php script?
Please email me if you can help:
cdmurray_80 AT hotmail.com
cdmurray_80
New php-forum User
New php-forum User
 
Posts: 2
Joined: Fri Apr 04, 2003 11:35 am

Postby Oromian » Fri Apr 04, 2003 3:14 pm

Use a database.

Register them and on the download page, insert a query to a database that says they visited or downloaded. If the number limited is reached, then you can have php display an error messege.

That's the least complicated way to do it i think.
Oromian
New php-forum User
New php-forum User
 
Posts: 38
Joined: Fri Apr 04, 2003 2:44 pm
Location: Canada

Still can't get it...

Postby cdmurray_80 » Fri Apr 04, 2003 4:52 pm

I just don't understand how to serve up a download through a php script.
Right now I store files to be download in a public directory with a weird name, and I provide valid users with an html link to the files and give invalid users a message "you can't download this file". However, a smart user can just type in the url of the file directly and download it regardless of my php script. So how can I serve up the file through the php script (e.g. without directing the user to the file's url)??
Thanks for the help though
cdmurray_80
New php-forum User
New php-forum User
 
Posts: 2
Joined: Fri Apr 04, 2003 11:35 am

Postby daemon80 » Fri Apr 11, 2003 1:23 pm

You have to configure Apache. see http://www.apache.org on documentation regarding .htaccess and .htpasswd
daemon80
New php-forum User
New php-forum User
 
Posts: 3
Joined: Fri Apr 11, 2003 1:00 pm

Postby MithikoS » Sun May 11, 2003 8:04 pm

use mysql... (Database)

When the user upload the file, write in the db the name of the file and the user...

Now.. if the user want to download this file.. check first the db and then.. give access to the user to download this file

And something else... you can change the showing link.
How.. use md5

when you storage the file in the db... use the md5 fuction (encode)

and do the opposite when you grand the access :)
gl
MithikoS
New php-forum User
New php-forum User
 
Posts: 8
Joined: Sun May 11, 2003 7:56 pm
Location: London

i had the same problem

Postby lacroix13 » Fri May 23, 2003 5:19 am

i had the same problem and finaly i solved it.you must use a database or something to keep track of the owner of the file.you can use htaccess to protect the files.php will not interact with htaccess, i mean it will work when working with tose files.
when you upload, upload in the directory protected by htaccess.when you download, use the example in the php manual(chm form) from "header" function.

if you still can't figure it out, i'll give you exactly the scripts :)
User avatar
lacroix13
New php-forum User
New php-forum User
 
Posts: 64
Joined: Thu Aug 22, 2002 1:07 am


Return to PHP Scripts

Who is online

Users browsing this forum: No registered users and 0 guests

Sponsored by Sitebuilder Web hosting and Traduzioni Italiano Rumeno and antispam for cPanel.

cron