"Alan McDonald" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] > > >I have files contained in a download directory (.doc, .xls etc files) > > >so I can't request authentication on each download from insie the files. > > >I use authentication against a DB for the rest of the site and all pages > are > > >protected this way. > > >My only way to protect these download files is to place server > > >authentication on the folders they are contained in. > > > > > >To avoid having to manage my users again as server users, does anyone > know > > >how to set the HTTP_AUTHORIZATION variable at time of request? > > >I don't need high security, so the page setting the HTTP_AUTHORIZATION is > > >protected but does contain the username and pw couplet for the > > >HTTP_AUTHORIZATION setting. > > > > > > > > There authorizations settings are supposed to be sent back to the server > > by the client so you cannot generate them with php. Your option include > > using .htpasswd that checks against a mysql database (please ask in the > > apache list.) and keeping your downloads 'offline' and delivering them > > through a php script. The second suggested has been discussed to > > exaustion in this list in the past. > > > > -- > > Raditha Dissanayake. > > Thanks - I suppose I was thinking of building (via PHP) and client JS script > to set the property at the client. But anyway the offline way is the > answer - shold have thought of that. > Alan
Hi Alan, check PEAR's HTTP_Download for serving files for download from a protected directory: http://pear.php.net/package/HTTP_Download Regards, Torsten Roehr -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
