> I want to protect files from being downloaded and only allow people to
> download files which they have access too. I've done all the access
> control
> etc... but whats the best way for the user to download the file... Can
> "paste" the file directly into the header? (get the file from the
> filesystem, mime encode it and put it in the header?) or copying the
> to
> a web viewable temp dir to allow the user to download it? (dont really
> want
> to do this).

Search the archives...

  header("some file type content header");
  readfile($download_dir . $filename);
{ echo "you're not a valid user"; }

Adapt to your needs and don't even try this if you're not going to
validate the download directory and filename...

---John Holmes...

PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to