Can i restrict a file to direct download.suppose in my domain i am having a upload folder in which i am having a exam.pdf file then it should not be downloaded by accessing url http://www.mydomain.com/upload/exam.pdf . If it is possible then please tell me the way.

If you are using Apache web server then use an .htaccess file, with this directive:

order allow,deny
deny from all

put this inside upload directory.

Can anyone view files of this folder by iframe.

because it is required. to view in secure way.

If you deny direct access then you need a script to display file names and to provide a download option. For example:

<?php
$files = glob('./upload/*.*');
print_r($files); # print array
?>

or

@readfile("./path/to/your/file");

to output the content of these files. Take care that you might want to manipulate the headers for the correct content, name and size.