SitePoint Sponsor

User Tag List

Results 1 to 2 of 2
  1. #1
    Confirmed Halfwit
    Join Date
    Oct 1999
    Location
    Vancouver, BC, Canada
    Posts
    983
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I have several directories full of .pdf files, where each customer gets their own directory. To view a file, there is a login page where they enter their customer id and pw. Then the program does a directory listing to display the appropriate directory contents. They can then pick which file they want to view by clicking on the appropriate link.

    The problem is that when they click on a link to view a file, the URL in the window changes to the following.

    http://mydomain.com/reports/companyname/report.pdf

    How can I "protect" the directories so that a customer can't simply replace their companyname with someone else's and then view someone else's files?

    If I use .htaccess I'd have to have them login twice... I tried to include and require the pdf file, but it just gave me parse errors.

    Any suggestions?
    - A simple online WYSIWYG editor for HTML code snippets.
    - Managed Web Hosting - $3.95/month (resellers welcome)
    - Why pay more? $8.95 domains & $9.95 SSL certificates!

  2. #2
    Confirmed Halfwit
    Join Date
    Oct 1999
    Location
    Vancouver, BC, Canada
    Posts
    983
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I got this working with the following code:
    Code:
    <?php
    header( "Content-Type: application/pdf" );
    $dir = '/home3/gridops/reports/henri/TSR/test.pdf';
    readfile("$dir");
    >?
    However, if you use the "sessions_start()" command, it all stops working!

    Anyone have a suggestion?
    - A simple online WYSIWYG editor for HTML code snippets.
    - Managed Web Hosting - $3.95/month (resellers welcome)
    - Why pay more? $8.95 domains & $9.95 SSL certificates!


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •