[user Security for uploaded documents]

Hello ,

I am developing a Web based Document Management System (PHP 5 / Mysql 5 ).By using this

system users withing the organization can upload and save their documents on a central

location i.e. Server.and again by search they can download the documents with minimum

time.But at the same time i need to provide security so that users can allowed to  serach 

and download the those documents only for which he has assigned.Now the problem is user can easily identify the folder where the documents are uploaded.so

by giving direct path ( if he knows filename ) he can download the documents which are not

assigned / allowed  to him.So let me know how i can provide this security to uplaoded

documents.

Is it possible for newly created folders?

Thank you.