nepeaNMedia Posted August 26, 2008 Share Posted August 26, 2008 Hi Folks Firstly let me apologise if this has been asked many times before, I searched the forums but did not find the answer. AIM I have built a CMS an I want to be able to upload files (pdf, xls etc) so that a user can only access them with a username and password. Does this mean I will need to dynamically create password protected folders or is there some other method? I would be grateful if someone could point me in the right direction for tutorials etc that could show me how to achieve this by whatever method cheers paul walker Link to comment https://forums.phpfreaks.com/topic/121340-password-protect-files/ Share on other sites More sharing options...
redarrow Posted August 26, 2008 Share Posted August 26, 2008 ur using a database i guess correct.............. Link to comment https://forums.phpfreaks.com/topic/121340-password-protect-files/#findComment-625655 Share on other sites More sharing options...
redarrow Posted August 26, 2008 Share Posted August 26, 2008 WORK IT ALL OUT IT EASY TRY THEN WERE CORRECT YOUR CODE.......... THIS SHOULD GET YOU GOING MATE........... PHP URL. http://uk3.php.net/features.file-upload Example #1 mkdir() example <?php mkdir("/path/to/my/dir", 0700); ?> //file command use $_FILES['userfile']['name'] The original name of the file on the client machine. $_FILES['userfile']['type'] The mime type of the file, if the browser provided this information. An example would be "image/gif". This mime type is however not checked on the PHP side and therefore don't take its value for granted. $_FILES['userfile']['size'] The size, in bytes, of the uploaded file. $_FILES['userfile']['tmp_name'] The temporary filename of the file in which the uploaded file was stored on the server. //uploading code.... <?php // In PHP versions earlier than 4.1.0, $HTTP_POST_FILES should be used instead // of $_FILES. $uploaddir = '/var/www/uploads/'; $uploadfile = $uploaddir . basename($_FILES['userfile']['name']); echo '<pre>'; if (move_uploaded_file($_FILES['userfile']['tmp_name'], $uploadfile)) { echo "File is valid, and was successfully uploaded.\n"; } else { echo "Possible file upload attack!\n"; } echo 'Here is some more debugging info:'; print_r($_FILES); print "</pre>"; ?> form code.... <!-- The data encoding type, enctype, MUST be specified as below --> <form enctype="multipart/form-data" action="__URL__" method="POST"> <!-- MAX_FILE_SIZE must precede the file input field --> <input type="hidden" name="MAX_FILE_SIZE" value="30000" /> <!-- Name of input element determines name in $_FILES array --> Send this file: <input name="userfile" type="file" /> <input type="submit" value="Send File" /> </form> Link to comment https://forums.phpfreaks.com/topic/121340-password-protect-files/#findComment-625661 Share on other sites More sharing options...
nepeaNMedia Posted August 26, 2008 Author Share Posted August 26, 2008 Thank you for your thorough reply however, my problem is allowing only permitted users to access the file once on the server. For example I make that file available to Tom (via password) but not available to Dick and Harry as they will not have the password. Can this only be achieved using htaccess and if so can this be done on the fly using php Link to comment https://forums.phpfreaks.com/topic/121340-password-protect-files/#findComment-625667 Share on other sites More sharing options...
redarrow Posted August 26, 2008 Share Posted August 26, 2008 when you create the folders then name the folders with the users name or id, then that user can only acess that folder....... to get the user id your need to use a database or set a session with the current users id to access the folder that they own......... Link to comment https://forums.phpfreaks.com/topic/121340-password-protect-files/#findComment-625668 Share on other sites More sharing options...
nepeaNMedia Posted August 26, 2008 Author Share Posted August 26, 2008 Thanks again I am not sure I entirely understand why naming a directory would limit it to a user. Secondly, even though safeMode is off mkDir does not seem to function I am at a loss Link to comment https://forums.phpfreaks.com/topic/121340-password-protect-files/#findComment-625709 Share on other sites More sharing options...
redarrow Posted August 26, 2008 Share Posted August 26, 2008 each diretory will have the users id from the database created from the upload form, only that user logged in will have access to that folder, why can u not create a folde that weired Link to comment https://forums.phpfreaks.com/topic/121340-password-protect-files/#findComment-625724 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.