On Wednesday 21 August 2002 10:54, Roger Lewis wrote:

> I did, but like I said, I couldn't find much.  Maybe I wasn't using the
> correct key words.  There is a lot about protecting php and html files but
> not much on other, non-php files in external directories.  There is some
> discussion about .htaccess, but I know nothing about this.  Is that the way
> to do it, or can it be done with php.

In real short, you want to store the files outside your htdocs root (so they
can't be served by http), OR restrict them from being served by using a
htaccess file (try an apache list, the apache site, or your ISP sys admin).

Then, you want to serve those files THROUGH a PHP script.  Usually these
scripts will:

- authenticate a user
- set the right mime-type header for the file type using header()
- parse the requested file though the PHP script to the browser

There were a few recent threads on this... search for the following subject
lines in the archives:

- Authenticate files downloads
- secure files acess

Finally, there is a decent script/article/tutorial on the Zend site (another
place you should have looked), which is the basis for my code at the moment.


Justin French

PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to