On Wed, May 28, 2008 at 2:23 AM, Adam Richardson <adam@xxxxxxxxxxxxxx> wrote: > I usually set up what amounts to a quick controller page. The page accepts > a GET variable that identifies the download, and it also delegates to a > helper object that determines the access level. > > If the delegate determines that the person should be able to download/view > the content, the controller sets the headers, retrieves the file, and then > outputs the file contents to the output stream. > > Otherwise, the controller redirects the visitor to a page that let's them > know they don't have access, but prompts them to pay/sign up to get the > access for the product. > > Adam > > > On May 28, 2008, at 2:16 AM, John Comerford wrote: > > Hi Folks, >> >> This may not be strictly a PHP question but there may be something in PHP >> to do what I want. I am in the process of putting together a pretty basic >> website using MySql and PHP on a third party host. One of the function is >> to allow known stockist download a catalogue (.pdf). I am fine to do login >> etc. but I am not sure how to approach restricting the catalogue. I can >> do it so that the link is only visible if the user logins in, but that >> doesn't stop the link being downloadable even if it is not visible. I was >> thinking I could put it in a location not visible to the public and transfer >> it to a location that is when the user logs in, something with a cryptic >> name etc... but that doesn't really sit right with me and at very least >> gives me some house keeping issues.... >> >> Anybody got a suggestion as to the best way to handle this ? >> >> TIA, >> JC >> >> -- >> >> -- I usually place the documents in a folder above the web root so that it can not be acccessed directly through a url, then as Adam suggested, create a controller that will validate the user, read in the file and send it out to the user. Bastien Cat, the other other white meat
