Hello , I am developing a Web based Document Management System (PHP 5 / Mysql 5 ).By using this system users withing the organization can upload and save their documents on a central location i.e. Server.and again by search they can download the documents with minimum time.But at the same time i need to provide security so that users can allowed to serach and download the those documents only for which he has assigned.Now the problem is user can easily identify the folder where the documents are uploaded.so by giving direct path ( if he knows filename ) he can download the documents which are not assigned / allowed to him.So let me know how i can provide this security to uplaoded documents. Is it possible for newly created folders? Thank you.