Jump to content

Secure file download with PHP


Mudsaf
 Share

Recommended Posts

Hello everybody, so im wondering how to make "Download" that is secured and users cannot go just with direct link like /downloads/file1.rar. I'd like that no SQL-storing would be there.

Link to comment
Share on other sites

Store the file in a directory that cannot be accessed by HTML. One way to create a directory like that is to have an .htaccess file in the directory that restricts access. Google that. Now you have to use PHP to download the file programmatically. There is an example of that here. You should Google the different header types so you know what each one does, and when you might have to use different values.

Edited by Deirdre's Dad
  • Like 1
Link to comment
Share on other sites

Also you can put the files in outside of web root which also means cant access publically.

  • Like 1
Link to comment
Share on other sites

Also, change the file name after it is uploaded so the user can not guess at the name of the uploads folder and the filename contained inside.And either of the methods above should work for security, but having the uploads folder outside of the web-accessible path would be more secure. IMHO

Edited by jlhaslip
  • Like 1
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

×
×
  • Create New...