I think what you really want to do is place your downloadable files in a
directory that is not in your httpd's document root and use a password
protected PHP script to access these files and send them to the user after
authentication. I think you could accomplish this with the fpassthru()
function and the correct header. htaccess is just going to get in your way.
<?
include("authentication.php");
$filename="/path/to/directory/not/in/httpd/doc/root/mysecretpicture.jpg";
$fp=fopen($filename, "rb");
header( "Content-type: image/jpeg\nContent-Disposition: inline;
filename=\"mypic.jpg\"\nContent-length: ".(string)(filesize($filename)) );
fpassthru($fp);
?>
You've got to make sure that the user that your httpd runs as has permission
to access /path/to/directory/not/in/httpd/doc/root/
James
On Sunday 15 June 2003 10:32 am, Peter Berglund wrote:
> ok, I change my question, how do I protect downloadable files from users
> that are not valid?
> without the use of htaccess?
>
> "Peter Berglund" <[EMAIL PROTECTED]> skrev i meddelandet
> news:[EMAIL PROTECTED]
>
> > I want to send user and password from php to a protected directory.
> > For example: If I go directly to the directory I get a popup to enter
> > user and password, the normallt way.
> >
> > But if I go through a php-script that checks if I'm a valid user from a
> > database I will get access to the folder.
> >
> > So i need a way to send user/password from php to the .htaccess file.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
