Hello Experts,
Need your expert opinion/experience for this problem.
I have a folder where all image/audio files are kept.
I have to allow only selected users(based on some conditions) to read the file directly as url and deny to others.
Say my audio file is kept in htdocs/audio/a.mp3
If any person directly tries to access the file like http://somesite.com/audio/a.mp3 it should deny him.
But if user is logged in and has permission to access file it should allow him.
It might need some .htaccess to work around but unable to get how?
Thanks.Thats not the solution to my problem.The link that you have given is for password protecting directories…I have to check the permission through a php file and then allow the user access the file.
say user “A” has uploaded file 1.mp3. Then only allowing user A to access 1.mp3.If a logged in user “B” tries to access the file then deny him.
One alternative is to use mod_rewrite to redirect requests for the upload location to a custom script that accepts the requested filename. You can then proceed with the user login process, and if the user is allowed, start transferring the file.
Thanks a lot friends for your valuable input.
What pointed above is right.I can deny access to a directory,then read the file and output it to the user.But to my bad luck, i have to let user directly download file from the directory as it is a big file.Reading file within php and then output it is not the way.:mad:
I am still working on it.I guess it is Similar to how digital buying.
Thanks pmw57.
…As i already said that I have to let user download file from directory because files may be very large.
I want to let users download file from the directory itself.But if other users tried to follow the link then he is denied because of lack of permissions.
Thanks AnthonySterling,
I tried the method of reading file and sending it to download.It seems to work fine but if I pause the download and resume,it says the source file could not be read.
So if i am downloading a 1 gb file and somewhere I pause, I have to restart the download completely.
Do you have idea of how downloading of digital
products happen. They give us the link to download after we pay. if any other person tries to download with the link it denies access.
You can store the files in folders where each folder name is the user id. Then use a php file to reach the file by id… only you (and php and the database) will kwno the relationship between the file id and the path / folder. That way the links are kind of masked and people cant guess the direct path. And also only owners will download the right files.
About the limits you will also need to save this information… assuming database… since you are controlling / allowing the download via a php file you can update the database so next call to it will not allow it… can be time based only or x amount of times.
You can read up on range http requests to learn how to make your php script able to work with both download managers and resuming downloads.
You could also, just create a temporary symbolic link with a unique name, that points to the file. Delete it after a while.
also see mod_xsendfile
or use mod_rewrite and use some of the more advanced mapping options, like having it use a database directly, or a program which communicates with a db.