Either store your files in the database (I hate saying that), or use .htaccess to protect the directory.
---John Holmes... > -----Original Message----- > From: Nick Wilson [mailto:[EMAIL PROTECTED]] > Sent: Saturday, May 11, 2002 1:59 AM > To: php-general > Subject: [PHP] protecting downloads with php > > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Hi all > I've been asked to protect an area containing 'course material' (pdf's > etc) and have just thought of a gaping hole in what I've done. > > I use an class to handle all the auth stuff and each page checks the > value of $obj->logged_in :: No problem. > > but what if someone links to www.thesite/theProtectedArea/file.tar.gz > > that file cannot check if the downloader is logged in can it. > > So, any suggestions or words of wisdom would be much appreciated :-) > > - -- > Nick Wilson // www.explodingnet.com > > > > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.0.6 (GNU/Linux) > > iD8DBQE83N09HpvrrTa6L5oRAlSZAJwNVHXfeP3w8aaJTtRUmPH2v/nvNwCfaqp4 > HpXVvWLn87rkhCQxnBtszAc= > =St/c > -----END PGP SIGNATURE----- > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php