Ok, I am using codeigniter and I have a secure login section. Inside the login users are able to download files.

What I need to do is stop people been able to access the file directly. I figure there will be a way using .htaccess to check for a authenticated variable that I could set in the POST array or something similar.

Any pointers would be good, was a bit of a hard topic to google because I'm not really sure what the best way to do it is.



The question is not specific to CodeIgniter. I would tag it as PHP instead.

Written by Trae

Accepted Answer

A good Google would be: php secure file download

Some helpful results I found for you:

To keep the files inside your webroot and password protect the directory they are inside of, and then use PHP to push the file(s) to the browser for download: http://www.nopersonal.info/aboutkateers/php_stuff/php_force_download.php

Or, if you have access to a directory above your web root: http://forums.tizag.com/showthread.php?t=893

Written by Trae
This page was build to provide you fast access to the question and the direct accepted answer.
The content is written by members of the stackoverflow.com community.
It is licensed under cc-wiki