I think what you really want to do is place your downloadable files in a directory that is not in your httpd's document root and use a password protected PHP script to access these files and send them to the user after authentication. I think you could accomplish this with the fpassthru() function and the correct header. htaccess is just going to get in your way.
<? include("authentication.php"); $filename="/path/to/directory/not/in/httpd/doc/root/mysecretpicture.jpg"; $fp=fopen($filename, "rb"); header( "Content-type: image/jpeg\nContent-Disposition: inline; filename=\"mypic.jpg\"\nContent-length: ".(string)(filesize($filename)) ); fpassthru($fp); ?> You've got to make sure that the user that your httpd runs as has permission to access /path/to/directory/not/in/httpd/doc/root/ James On Sunday 15 June 2003 10:32 am, Peter Berglund wrote: > ok, I change my question, how do I protect downloadable files from users > that are not valid? > without the use of htaccess? > > "Peter Berglund" <[EMAIL PROTECTED]> skrev i meddelandet > news:[EMAIL PROTECTED] > > > I want to send user and password from php to a protected directory. > > For example: If I go directly to the directory I get a popup to enter > > user and password, the normallt way. > > > > But if I go through a php-script that checks if I'm a valid user from a > > database I will get access to the folder. > > > > So i need a way to send user/password from php to the .htaccess file. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php