Securing a file


#1

Hi,
I want to allow the downloading of specific file only to authorized
user,
lets say an MPEG.

where do I start? :wink:

Thx,
Dor.


#2

I don’t know how far back you want to start, but I’ve done a Wordpress
plugin in PHP that does something like this:

http://www.almosteffortless.com/wordpress/secure-files/

The basic idea is that you have to store the file above the web root,
and
then use your code to access it - instead of just linking to it.

So, you’re going to have to figure out how to save files above or
outside of
the web root, then how to check that a user is logged in
(acts_as_authenticated?), and then how send those files to the user
(that’s
the readfile function in PHP).

That’s the best I can do.

  • Trevor

#3

Dor K. wrote:

Hi,
I want to allow the downloading of specific file only to authorized
user,
lets say an MPEG.

where do I start? :wink:

Thx,
Dor.

If you are using lighttpd check out mod_secdownload module, I use it few
places and works like charm.

Gokhan
www.sylow.net