Private downloads
I can't seem to find out how to do this on the internet:
I want to upload files via the webapplication I'm building (I've covered that part, so don't worry about telling me how). The only thing I'd like to know is how do I make it so that files can only be downloaded from a secure page within that system instead of just typing in the filename and downloading it? I want to realise the idea of making certain files available to certain people, as in private files only for me, company files for me and my co-workers and public files for all registered members. Can anyone tell me how to do this?
kb posted this at 13:51 — 14th June 2006.
He has: 1,380 posts
Joined: Feb 2002
To do this (at least how I see it):
-Create a directory not available in the /public_html/ directory of your website, we'll call it "private" (this sits one step above the public dir)
-Add these files to the dir
-At the download page, include a forced-download script that calls the file from the private dir, as long as the user has permissions
Another possible option is to create directories for different users/user types and use a .htaccess file to password protect access to them.
Iceline posted this at 17:31 — 14th June 2006.
They have: 6 posts
Joined: Jun 2006
and how do I let the script download files from a directory not in the public_html dir?
timjpriebe posted this at 18:22 — 14th June 2006.
He has: 2,667 posts
Joined: Dec 2004
As long as the permissions are right, your script can read anything on the server by using an absolute or relative path. Just don't use a URL, rather use the path on the system.
Then go to that path, read the file in with your script and spit it directly back out without any modifications (using a print statement or something similar). Then the true path is hidden (and not even accessible) to the end user.
Tim
http://www.tandswebdesign.com
Iceline posted this at 15:11 — 16th June 2006.
They have: 6 posts
Joined: Jun 2006
I'm not quite sure I understand, could you give me the code to like to such a file, because when I use the a href="" part, it always links to something in the public_html folder
timjpriebe posted this at 16:35 — 16th June 2006.
He has: 2,667 posts
Joined: Dec 2004
You don't use href. You have to use server-side scripting like Perl or PHP. Are you familiar with any scripting/programming language?
Iceline posted this at 18:57 — 19th June 2006.
They have: 6 posts
Joined: Jun 2006
yeah I use php a lot, but I always link to stuf with href
timjpriebe posted this at 19:07 — 19th June 2006.
He has: 2,667 posts
Joined: Dec 2004
What you would do instead of linking to a file with href is link to a php file. That php file would not output HTML. Instead, it would read in a file using fopen, or something of the sort. Then you would just output it using echo fread, or something along those lines.
Of course, you'll likely use some sort of file id passed in as a URL parameter if this system is mean to work for multiple files.
Tim
http://www.tandswebdesign.com
Iceline posted this at 11:36 — 20th June 2006.
They have: 6 posts
Joined: Jun 2006
thanks, I'm sure I could google this and all but could you give an example? Let's say I put a file called example.zip in the folder safefiles that's not located in the httpdocs folder but on the same lvl as that and I'm trying to call it from a php file in the httpdocs
Iceline posted this at 16:56 — 19th October 2006.
They have: 6 posts
Joined: Jun 2006
anyone?
Want to join the discussion? Create an account or log in if you already have one. Joining is fast, free and painless! We’ll even whisk you back here when you’ve finished.