Jump to content

password protect file(s)


nepeaNMedia

Recommended Posts

Hi Folks

 

Firstly let me apologise if this has been asked many times before, I searched the forums but did not find the answer.

 

AIM

I have built a CMS an I want to be able to upload files (pdf, xls etc) so that a user can only access them with a username and password.

 

Does this mean I will need to dynamically create password protected folders or is there some other method?

 

I would be grateful if someone could point me in the right direction for tutorials etc that could show me how to achieve this by whatever method

 

cheers

 

paul walker

Link to comment
https://forums.phpfreaks.com/topic/121340-password-protect-files/
Share on other sites

 

WORK IT ALL OUT IT EASY TRY THEN WERE CORRECT YOUR CODE..........

 

 

THIS SHOULD GET YOU GOING MATE...........

 

 

PHP URL.

 

http://uk3.php.net/features.file-upload

 

 

Example #1 mkdir() example

<?php

mkdir("/path/to/my/dir", 0700);

?>

 

 

 

 

//file command use

 

$_FILES['userfile']['name']

 

    The original name of the file on the client machine.

$_FILES['userfile']['type']

 

    The mime type of the file, if the browser provided this information. An example would be "image/gif". This mime type is however not checked on the PHP side and therefore don't take its value for granted.

$_FILES['userfile']['size']

 

    The size, in bytes, of the uploaded file.

$_FILES['userfile']['tmp_name']

 

    The temporary filename of the file in which the uploaded file was stored on the server.

 

 

 

//uploading code....

<?php
// In PHP versions earlier than 4.1.0, $HTTP_POST_FILES should be used instead
// of $_FILES.

$uploaddir = '/var/www/uploads/';
$uploadfile = $uploaddir . basename($_FILES['userfile']['name']);

echo '<pre>';
if (move_uploaded_file($_FILES['userfile']['tmp_name'], $uploadfile)) {
    echo "File is valid, and was successfully uploaded.\n";
} else {
    echo "Possible file upload attack!\n";
}

echo 'Here is some more debugging info:';
print_r($_FILES);

print "</pre>";

?>

 

form code....

 

<!-- The data encoding type, enctype, MUST be specified as below -->

<form enctype="multipart/form-data" action="__URL__" method="POST">

    <!-- MAX_FILE_SIZE must precede the file input field -->

    <input type="hidden" name="MAX_FILE_SIZE" value="30000" />

    <!-- Name of input element determines name in $_FILES array -->

    Send this file: <input name="userfile" type="file" />

    <input type="submit" value="Send File" />

</form>

Thank you for your thorough reply however, my problem is allowing only permitted users to access the file once on the server. For example I make that file available to Tom (via password) but not available to Dick and Harry as they will not have the password. Can this only be achieved using htaccess and if so can this be done on the fly using php

when you create the folders then name the folders with the users name or id,

then that user can only acess that folder.......

 

to get the user id your need to use a database or set a session

with the current users id to access the folder that they own.........

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.