 |  |  |  |  |  |  |  |
Files above the root - how does this work?
Please support our PHP advertiser: PostgreSQL or MySQL? Compare and contrast the two most popular open source databases
Thread Solved |
Sorry to all if this is in the wrong forum, I'll move it if someone tells me where it should go.
I saw another poster discussing some files stored above the root ... well here's what was posted:
"I have a script which generates invoices as PDF files and stores above just above www level (so they cannot be access directly via a URL)."
How does this work (I would like to use this)? If the files cannot be accessed via a URL, how are they accessed?
Thanks,
Simon.
I saw another poster discussing some files stored above the root ... well here's what was posted:
"I have a script which generates invoices as PDF files and stores above just above www level (so they cannot be access directly via a URL)."
How does this work (I would like to use this)? If the files cannot be accessed via a URL, how are they accessed?
Thanks,
Simon.
•
•
Join Date: Feb 2009
Posts: 1,973
Reputation: 
Solved Threads: 214
>Sorry to all if this is in the wrong forum
If your script is written in PHP, and your question is related to PHP/your script, then I would say that it's in the correct forum.
If your script is written in PHP, and your question is related to PHP/your script, then I would say that it's in the correct forum.
"Never argue with idiots, they just drag you down to their level and then beat you with experience."
You can reference files outside the DocumentRoot in your PHP scripts. You can use either relative or absolute path names, since PHP can "see" the whole file system.
Yep, it's a PHP thingie then!
Right, so I store the files outside of the root. Users log on to the site and get the appropriate session details set. Then they browse to a page full of links to various files, PDFs and MP3s. Some files are public and everyone gets that list. Some files are private and only logged users see that list.
How should I form the URL to link to the private files and what's to stop a user returning to a file after they have logged off?
Thanks,
Simon.
Right, so I store the files outside of the root. Users log on to the site and get the appropriate session details set. Then they browse to a page full of links to various files, PDFs and MP3s. Some files are public and everyone gets that list. Some files are private and only logged users see that list.
How should I form the URL to link to the private files and what's to stop a user returning to a file after they have logged off?
Thanks,
Simon.
you should put the public and private files into separated directory.
Create a script using directory functions available in PHP such as scandir() to list the directory content. You may protect this file using session so that only logged user may access it.
Create a script using directory functions available in PHP such as scandir() to list the directory content. You may protect this file using session so that only logged user may access it.
I'm spammer...
Ah ... now that's the bit I don't get ... how do I protect a file or a directory using PHP (general pointers ... not asking for it to be done for me!)?
I have a log in routine, the relevent session is set and that's fine, I can do anything I like inside a page using PHP to list information acoording to logged status.
So, say I list a load of links to a some mp3 files and some of these mp3s are only listed for logged on users ... what's to stop someone simply putting the URL for the mp3 file itself in? They would still get the file even if they were not logged in.
My code has to work on Windows IIS and Apache. I believe that I could accomplish this on a Linux machine with .htaccess but I don't have that luxury.
As a point of interest, will .htaccess work on sites hosted on my mac?
thanks for your help,
Simon.
I have a log in routine, the relevent session is set and that's fine, I can do anything I like inside a page using PHP to list information acoording to logged status.
So, say I list a load of links to a some mp3 files and some of these mp3s are only listed for logged on users ... what's to stop someone simply putting the URL for the mp3 file itself in? They would still get the file even if they were not logged in.
My code has to work on Windows IIS and Apache. I believe that I could accomplish this on a Linux machine with .htaccess but I don't have that luxury.
As a point of interest, will .htaccess work on sites hosted on my mac?
thanks for your help,
Simon.
•
•
Join Date: Jan 2009
Posts: 1,398
Reputation:
Solved Threads: 170
using php the user neve sees the url of the file
and without a logged in session nothing
very poor code unchecked dont think it works its a concept example
and without a logged in session nothing
php Syntax (Toggle Plain Text)
Last edited by almostbob; Aug 27th, 2009 at 8:32 pm.
Failure is not an option It's included free, you don't have to do anything to get it
If at first you dont succeed, join the club
Of course its always in the last place you look, you dont keep looking after you find it
Please mark solved problems, solved
If at first you dont succeed, join the club
Of course its always in the last place you look, you dont keep looking after you find it
Please mark solved problems, solved
•
•
Join Date: Jan 2009
Posts: 1,398
Reputation:
Solved Threads: 170
html Syntax (Toggle Plain Text)
php Syntax (Toggle Plain Text)
Failure is not an option It's included free, you don't have to do anything to get it
If at first you dont succeed, join the club
Of course its always in the last place you look, you dont keep looking after you find it
Please mark solved problems, solved
If at first you dont succeed, join the club
Of course its always in the last place you look, you dont keep looking after you find it
Please mark solved problems, solved
Almostbob you are a star, thank you. The penny has finally dropped. This has vexed me for some years now and I finally get it thanks to your replies. Now, if someone could explain what the second number in a musical time signature means then I would be walking on air! 
I love the idea of serving up polka music to hackers!
thanks,
Simon.
I love the idea of serving up polka music to hackers!
thanks,
Simon.
 |
Similar Threads
- functions in header files (C++)
- Issue with uploading files (PHP)
- Recovering Outlook Files (Windows Software)
- Need to get rid of startup error: Please select the operating system to start (Windows 95 / 98 / Me)
- configure PHP to work with Mysql (MySQL)
- Deleting Uploaded Files? (PHP)
- Suse display (Getting Started and Choosing a Distro)
- Need DOS help (Windows 95 / 98 / Me)
- Windows Explorer /e,/n, doesn't work (Windows NT / 2000 / XP)
- video files (Windows NT / 2000 / XP)
Other Threads in the PHP Forum
- Previous Thread: GD is not showing in phpinfo
- Next Thread: imagepng delete after creating?
Views: 332 | Replies: 8
| Thread Tools | Search this Thread |
Latest PHP Posts
- Today's Posts
- Unanswered Threads
Related Forum Features
Tag cloud for PHP
.htaccess access ajax apache api array beginner binary broken cakephp checkbox class cms code cron curl database date datepart directory display download dynamic echo email error file files folder form forms function functions google href htaccess html image include insert integration ip java javascript joomla jquery limit link list login loop mail menu methods mlm mod_rewrite multiple mysql oop parse password paypal pdf php problem query radio random recursion regex remote script search select seo server sessions sms soap source space speed sql structure syntax system table tutorial update updates upload url validation validator variable video web webdesign xml youtube
