Either store your files in the database (I hate saying that), or use
.htaccess to protect the directory.
> -----Original Message-----
> From: Nick Wilson [mailto:[EMAIL PROTECTED]]
> Sent: Saturday, May 11, 2002 1:59 AM
> To: php-general
> Subject: [PHP] protecting downloads with php
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> Hi all
> I've been asked to protect an area containing 'course material' (pdf's
> etc) and have just thought of a gaping hole in what I've done.
> I use an class to handle all the auth stuff and each page checks the
> value of $obj->logged_in :: No problem.
> but what if someone links to www.thesite/theProtectedArea/file.tar.gz
> that file cannot check if the downloader is logged in can it.
> So, any suggestions or words of wisdom would be much appreciated :-)
> - --
> Nick Wilson // www.explodingnet.com
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.0.6 (GNU/Linux)
> -----END PGP SIGNATURE-----
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php