Mudsaf Posted January 1, 2013 Share Posted January 1, 2013 Hello everybody, so im wondering how to make "Download" that is secured and users cannot go just with direct link like /downloads/file1.rar. I'd like that no SQL-storing would be there. Link to comment Share on other sites More sharing options...
jeffman Posted January 1, 2013 Share Posted January 1, 2013 (edited) Store the file in a directory that cannot be accessed by HTML. One way to create a directory like that is to have an .htaccess file in the directory that restricts access. Google that. Now you have to use PHP to download the file programmatically. There is an example of that here. You should Google the different header types so you know what each one does, and when you might have to use different values. Edited January 1, 2013 by Deirdre's Dad 1 Link to comment Share on other sites More sharing options...
birbal Posted January 1, 2013 Share Posted January 1, 2013 Also you can put the files in outside of web root which also means cant access publically. 1 Link to comment Share on other sites More sharing options...
jlhaslip Posted January 2, 2013 Share Posted January 2, 2013 (edited) Also, change the file name after it is uploaded so the user can not guess at the name of the uploads folder and the filename contained inside.And either of the methods above should work for security, but having the uploads folder outside of the web-accessible path would be more secure. IMHO Edited January 2, 2013 by jlhaslip 1 Link to comment Share on other sites More sharing options...
Mudsaf Posted January 3, 2013 Author Share Posted January 3, 2013 Thankyou, .htaccess file fixed the problem and thanks for other hints too. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now