pelicanmike
22 May 2006, 04:30 AM
This is probably a very simple question, but here goes:
I'm writing a client login script using PHP - how it is going to work is this:
1. usual will login via a login form using PHP
e.g. www.mysite.com/admin/
2. this will take the user to a page which lists all files in a certain directory - with links for them to download
This works fine.. The only problem i have is that there is nothing to stop the user typing the URL to the downloadable file in their browsers, thus bypassing my security!! e.g. by typing in www.mysite.com/admin/files/picture1.jpg
Any ideas of a simple solution to this?? Can i somehow use CHMOD to only allow access to the files using a PHP script?
Mike
I'm writing a client login script using PHP - how it is going to work is this:
1. usual will login via a login form using PHP
e.g. www.mysite.com/admin/
2. this will take the user to a page which lists all files in a certain directory - with links for them to download
This works fine.. The only problem i have is that there is nothing to stop the user typing the URL to the downloadable file in their browsers, thus bypassing my security!! e.g. by typing in www.mysite.com/admin/files/picture1.jpg
Any ideas of a simple solution to this?? Can i somehow use CHMOD to only allow access to the files using a PHP script?
Mike