Makes sense, and sort of what thought would be possible/doable.
Will look into it - off-hand, what function etc. do you use to set
document/response headers?
TIA
Jacob Kruger
Blind Biker
Skype: BlindZA
'...fate had broken his body, but not his spirit...'
----- Original Message -----
From: "Richard Quadling" <rquadling@xxxxxxxxxxxxxx>
To: "Jacob Kruger" <jacobk@xxxxxxxxxxxxxx>
Cc: <php-windows@xxxxxxxxxxxxx>
Sent: Wednesday, January 27, 2010 12:42 PM
Subject: Re: Server side redirection - yet again
2010/1/27 Jacob Kruger <jacobk@xxxxxxxxxxxxxx>:
I know this most likely isn't possible, and am currently using
javascript,
along with using PHP script in each page to just double check a session
login before displaying page content to make sure the user/person
browsing
the specific page is in fact logged in, etc., but I now have a word
document
that would be nice to make downloadable from the members section of a
website, but not sure how it would be possible to really stop someone
from
downloading the file if, for whatever reason they had the direct URL for
it,
without sort of never really offering that to anyone without having sort
of
redirected them via backend to get the file - sort of like maybe loading
the
file into a buffer of sorts, setting the response file type, and then
sending it to them - not sure how possible/doable this is via PHP, or on
a
linux server?
I know I could alternatively just create an HTML file bazsed on the word
document, and then implement the PHP session checking into it, etc., but
would really prefer to just keep the document unchanged as such.
Stay well
Jacob Kruger
Blind Biker
Skype: BlindZA
'...fate had broken his body, but not his spirit...'
__________ Information from ESET NOD32 Antivirus, version of virus
signature
database 4808 (20100126) __________
The message was checked by ESET NOD32 Antivirus.
http://www.eset.com
--
PHP Windows Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Step 1 would be to put the document outside of the
doc_root/public_html/etc. That way there is no direct URL.
Step 2 would be to create a downloader which validates the session and
if all is well, issues the appropriate headers to force a download and
then readfile() the document.
No direct access to the download. Must be validated to get the
download. Simple to implement.
--
-----
Richard Quadling
"Standing on the shoulders of some very clever giants!"
EE : http://www.experts-exchange.com/M_248814.html
EE4Free : http://www.experts-exchange.com/becomeAnExpert.jsp
Zend Certified Engineer : http://zend.com/zce.php?c=ZEND002498&r=213474731
ZOPA : http://uk.zopa.com/member/RQuadling
--
PHP Windows Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
__________ Information from ESET NOD32 Antivirus, version of virus
signature database 4809 (20100127) __________
The message was checked by ESET NOD32 Antivirus.
http://www.eset.com
__________ Information from ESET NOD32 Antivirus, version of virus signature database 4809 (20100127) __________
The message was checked by ESET NOD32 Antivirus.
http://www.eset.com
--
PHP Windows Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
