Hello all,
I am trying to make a document repository for my a group of people on my website.
The problem is, I only want people with "membership" (i.e. that enter a correct user/pwd) to be able to get access to this page and download the files.
Normally in PHP we can use Sessions to create a login process -- that is not the problem. The problem is that if someone knows the direct link to the file, they can send it to a friend (who is not a member) and they can download the file without being able to log in.
For example, let's say an authenticated user John logs in and copies the link location of a particular MS-Word file. This link will allow anyone to download the file. How can I prevent that?
Thanks
