There's lots of ways to do this...the one that springs to mind is have a simple referer check at the top of your file-page and if the referer is not coming from your site, then simply redirect the browser to an error page of your choosing.

You can also use .htaccess on linux servers to accomplish this type of thing.

It might look something like this:

<?php
if ( $_SERVER['HTTP_HOST'] != 'yourhost.com' ) {
  header( 'Location: http://www.google.com/' );
}
?>

yes neil dear
that was to appen
actually u r asking a questionn of basic security

what u can do is to change the access configurations from .htaccess file

or else use MySql at the back end and save those info in a database (password protected)

This will surely solve the problem!!

hi, pass hidden variable in view button

<input type="hidden" name="rlog" value="rlog">

and check in next page like

if(isset($_post['view']))

u can also use sessions

langsor gave a good solution

Bt basic problem is that the solution posted by him works only if your pages are php. But they may be simple text files also. Because i feel u r using flat files as your database.

so .htaccess solution as adviced by him and me both are correct.

and if in case your pages are php. then well good and fine. go on with the method of longor.

take care. and have fun
email me at: www.toughjamy.com
website: www.majftech.co.cc
anwar jamal faiz

Okay, try something like this then.
Pass the filename to one php script and if the requesting referer is from your site, deliver the content...otherwise deliver an error page.

<?php
// example argument passed with file name
// http://yourhost.com/view.php?file=test.pdf
$file = $_GET['file'];
if ( $_SERVER['HTTP_HOST'] == 'yourhost.com' ) {
  header( 'Content-type: application/pdf' );
  print file_get_contents( 'secret_directory/'.$file );
} else {
  header( 'Location: http://www.google.com/' );
}
?>

Hope this helps

ya i suppose now u gave correct explanation of ur problem

now only possible things are .htaccess

i need others to speak on this

Anyone to rescue neil of his situation??

easy bit... neil
lets see who solves first

take care
anwar jamal

You're missing the point...you cannot hide the address to the PHP script that displays the requested file, but it doesn't matter since the file is in a directory that will NOT be displayed in the address bar (since it is being printed directly through the PHP file) and that directory can even be located outside of the public server directory, but PHP can still access it and browsers cannot. But the main point is that the PHP script is checking if the requesting browser is coming from a page on your site, and if it's not, it doesn't show the file...

The real problem you will be facing is that anyone can save a copy of your PDF document to their local computer and unless there is some built in PDF security (none that I know of) they have total control over that document off of your website...there is no way around this that I know of.

People always try to protect content on web pages, sometimes with javascript overriding the browser functions, and many other ways...it really almost NEVER works when someone is determined. The only real way would be to use a password to protect the files from some people, but those you gave the passwords to would still be able to save the document and do what they wanted with it.

That's just the way it is.

yes again langsor gave a correct solution

actually it is now that ur problem is understood properly

BUT BE SURE TO GIVE YOUR SECRET_DIRECTORY NAME A VERY TOUGH NAME. this is very essential so that others cant guess
u may try sec_786_dir_786
or sEcReT_dIrEcToRy_112233
or any of its variants.

better still to try with POST instead of GET. so that even the file name gets hidden in the internet transactions

take care
anwar jamal faiz

You might need to be more specific. Are you one a linux server or windows...are there accounts set up that can tell one person apart from another?

What I know is you want people to be able to view your pdf files but only one your website...but through the page you specify, not directly through the URL.

Maybe you could explain what your exact situation is and we can find a different approach.

I think the answer I gave then should work...as good as anything.

But remember, there is no way to stop people from saving the PDF file to their computer when they view it -- no matter how they view it, since Adobe Reader has a "Save Copy" button built into it. (Unless I'm missing something about PDFs ?)...

So once they have it viewed in their browser, I don't know of anyway to keep them from saving a copy on their computer to view later or send to friends in an email or something like that.

You might look on the Adobe website for more information on this subject, to see if there is some security you can use to keep people from saving a copy of your PDF file to their computer. If there is, then my solution should be perfect combined with that function.

Sorry...maybe someone else knows some trick I'm missing here.

Good luck

Is there exist any file function like fopen(), fread() etc. using that i can open my pdf file in the browser...

You can either redirect the browser to the file you would like it to open by setting the header('Location: ...') , of course the browser must understand the file mime type in order to open it. Or you can print the file from the PHP script with print or echo functions. Everything else just opens the file inside the PHP script for direct parsing.