You can place the file anywhere you like, as long as the script has read access to it.
I suggested putting it outside the document root to make sure people don't "accidentally" find it. I say "accidentally" because, if ppl are like me, I like to probe around other ppl's site to see what hidden things I can find :) But it's up to you where you ultimately put it.... -----Original Message----- From: Fargo Lee [mailto:[EMAIL PROTECTED]] Sent: Wednesday, June 19, 2002 7:04 AM To: [EMAIL PROTECTED] Subject: Re: [PHP] How do I hide download link ... Hi, if using the header command for attaching a file really prevents the user from seeing the actual download link, is it really all that important that the file is read from behind the document root if it is in a very hard to guess directory? "Martin Towell" <[EMAIL PROTECTED]> wrote in message news:6416776FCC55D511BC4E0090274EFEF508A4B5@EXCHANGE... > Have a page that checks the user's authentication > > if they're "invalid" then display an error msg and exit the script > > otherwise, send the header command(s) for attaching a file (can't remember > the exact syntax right now) > > read the file from somewhere that's not accessable from the web and spit it > out to the browser > > HTH > Martin > > > -----Original Message----- > From: Fargo Lee [mailto:[EMAIL PROTECTED]] > Sent: Thursday, June 13, 2002 6:15 AM > To: [EMAIL PROTECTED] > Subject: [PHP] How do I hide download link ... > > > Hi, my customers go through a password authentication to access a link on my > site to download a file. I want to prevent the distribution of the location > of this file on my server by making it hidden. Is there any php function(s) > that could assist in doing this? > > All I can think of so far is storing the original file in a hard to guess > directory, when a authenticated customer goes to download it, send them to a > script that copys the original file to a temp directory, they download the > file in the temp directory and then run a cron every so many minutes to > clear out the files in the temp directory. > > If anyone has any ideas, examples or a way to improve on what I came up with > please respond. Thanks! > > > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php