That was the idea originally, but I just rang the host up asking why I couldnt see any folders above root level, so whilst i was on the phone with him i asked him to set up a folder called private above the root level, which is said he did but i still cant see it, very annoying.
So then I saw the cgi-bin folder and thought hang on that would be good enough as long as it worked.
I just tried it too by putting a pdf in there and going through the browser to it via the cgi-bin folder and it didnt work, so wanted to check that it is a correct method for something i want to do
That’s strange as on the shared hosting I have I can see folders above the root.
You say in your first post “I dont want the pdf’s accesssible through the browse.” and in your second post you say “I just tried it too by putting a pdf in there and going through the browser to it via the cgi-bin folder and it didnt work”
How were you going to save and access the files?
You probably have more options through a VPS and I know there is some software to setup a cloud on your own VPS now.
Well from a semantic view point the cgi-bin directory is not the place to user uploaded files. Having said that it is just a directory at the end of the day. You are correct in storing the files outside the site root and regulating access through a PHP script which serves up the files if the requested user has the proper permissions. Though you are going to need an authentication and authorization system to go along with that if you don’t already have a user management system in place. I’m surprised your host doesn’t allow you access to the directory above the site root. Every shared server I’ve ever used had the web root as a secondary level directory.
This is the reason many of us lazy programmers use frameworks rather than rolling our own code/frameworks. If you were to use something like Zend, Symfony, Laravel, etc the functionality would be increasingly easier to add to an existing site. Having to role your own code though is a tough and tedious order for something that is really so basic and integrated partially into just about every modern open source PHP framework. Even though you might think some of those frameworks are a overkill chances are that as a project matures those frameworks will look increasingly more desirable. So it is better from the get go starting out with one such as Symfony rather than realizing later that you will need to rewrite basic functionality such as a user management system instead of leaning on a tried and true platform. Live and learn though.