Jump to content

Secure file download with PHP


Recommended Posts

Hello everybody, so im wondering how to make "Download" that is secured and users cannot go just with direct link like /downloads/file1.rar. I'd like that no SQL-storing would be there.

Link to post
Share on other sites

Store the file in a directory that cannot be accessed by HTML. One way to create a directory like that is to have an .htaccess file in the directory that restricts access. Google that. Now you have to use PHP to download the file programmatically. There is an example of that here. You should Google the different header types so you know what each one does, and when you might have to use different values.

Edited by Deirdre's Dad
  • Like 1
Link to post
Share on other sites

Also you can put the files in outside of web root which also means cant access publically.

  • Like 1
Link to post
Share on other sites

Also, change the file name after it is uploaded so the user can not guess at the name of the uploads folder and the filename contained inside.And either of the methods above should work for security, but having the uploads folder outside of the web-accessible path would be more secure. IMHO

Edited by jlhaslip
  • Like 1
Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
×
×
  • Create New...