Hey all,

I have a possibly silly web security issue I cant figure out.

Im serving sensitive files to individuals in a program database. I want the users to be able to click links to view these files in their own secure member areas. However, since these are all in the same documents folder anybody can just view the folder root and see everybodys files.

Theres too many users to create folders and htaccess's for all, unless im dumb and there is a way.

Am i missing the obvious solution or does anybody have a good way to do this. Just want users to be able to view personal documents but keep the folder itself hidden.

Any help is awesome, Thanks!