PHP - Password Protect Every File in a Specified Folder

[Gamerz]

Hello,

I have coded a PHP private uploader...What I want to do is to password protect my user's uploads folders, so if the user upload's a .txt file or .jpg file, no one can access it but only with a specified password.

 

Example: Gamerz uploaded example.txt on his own private uploader (members/Gamerz/uploaded/example.txt). And Bob comes along,. and tries to access that specific file. I want it to deny him access, unless he knows the password.

 

And I know you can't password protect a .txt file...I could password protect the whole folder, and every file within that folder gets restricted unless password is correctly entered when prompted..but how would I do that?

[corbin]

Your 2 best options are to either tunnel everything through a PHP script, or use htaccess.

 

 

If you tunnel everything through a PHP script, basically the concept of the script is this:

 

if(user is logged in) {

    if(file exists) {

        output file

    }

    else {

        //Oh no!  File doesn't exist!

    }

}

else {

    //Oh no!  No access!

}

 

 

 

To me it seems like the PHP way would be easier to maintain since you could pipe everything through one single script.

 

 

For the htaccess way, just read the manual on mod_auth.

[abazoskib]

why dont you use server permissions for the parent folder of each user?

 

using the php way, i could still gain access to the file by typing in the address bar the direct path to the file.

[Gamerz]

@corbin: What do you mean by tunnel? And where would I put that speicific code you sent? I won't be able to put that on every file the user upload's....Or maybe you put that code in a speicific script, and it will go through and protect every files? idk..

 

@abazoskib: If I use server permissions, I wouldn't be able to use php so it matches the username and foldername, so only the user itself can access the files. And what do you mean by server permissions? Like CHMOD or something?