When deppending on authentication, never link the files directly. You can create a download.php file that gets an ID through the URL, checks if the user is authenticated and then read the file. You will need these functions: http://pt.php.net/file_get_contents http://pt.php.net/header Header() is to send the mime type, and file_get_contents is to read the file's contents (DOH). If you run into trouble, you can (in the order given ;): 1) Read the user's comments on both functions. They're pretty helpful sometimes 2) Mail the ML :) -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
