I have a set of PDF files on our website that the user needs to log in in order to view. The only problem is once they log in and get the URL for them, they can email it to their friends or anyone and they can be viewed by anyone on the web. How would I deny this access using htaccess, javascript, or php?

How about do it with php? check if the user is logged in by detect $_SESSION, then, made the file url unavailable if it is not set.

This article has been dead for over six months. Start a new discussion instead.