Reputation: 763
I have an folder in my apache public folder and it's contents must be protected at all time. Let's say the folder is called 'protected'. When someone then tries to open http://domain.com/protected/random.file, that someone shouldn't be able to open/download it. Access should be completely blocked, with no possible workarounds.
I'm building an portal for an company wich wants to be able to only publish files to authorised users. The portal I made has an custom made php authentication method. When a user is logged in and has the right permissions (still php), that user should be allowed to download that specific file it's been granted access to (defined in database).
I was thinking of an script at download.php, when an file is requested, php gets the file contents and forces an download. Is it possible to block all access to '/protected' with .htaccess, but still allow php to get the file contents?
Thanks in advance.
PS. The protected folder hás to be in the public_html folder.
Upvotes: 1
Views: 3825
Reputation: 1481
yes. use
Deny from all
in .htaccess
and for the download script use HTTP Download Class
It also has a speed and resume support.
Upvotes: 2
Reputation: 13131
Sure. .htaccess only applies to access via the web, not the file system.
Upvotes: 3