Security on .jpg .pdf .doc

Forum Moderators: phranque

Message Too Old, No Replies

Security on .jpg .pdf .doc

plasmapudding

2:59 pm on Jan 17, 2006 (gmt 0)

Hi,

I don't know if what I'm trying to achieve is possible so here goes:

I have a directory full of files, .pdf, .doc etc that I would like to password protect. The only catch is that I'd like the authentication to come from, e.g. secure.php.

So, user requests www.domain.com/word.doc, then secure.php fires first to see whether the user is authenticated.

If the user is authenticated, the secure.php does nothing, and the web server is allowed to serve up word.doc as usual.

If the user is not authenticated, he gets redirected by the secure.php to a login page.

I'm thinking:

Use .htaccess to specify a handler (secure.php), but I can't figure out how to fire the handler and then serve up the page.

Any help will be greately appreciated.

mack

3:05 pm on Jan 17, 2006 (gmt 0)

htpassword would be an option but it would require the user to log in each time. Are you looking for somethign that recognises the user is authenticated, and allows then access to the directory without them having to manualy enter details?

Mack.

plasmapudding

3:17 pm on Jan 17, 2006 (gmt 0)

Yip,

If the user is logged in, they should be allowed to view any of the files in the directory, but I want the desision of whether they can view or not to come from a php script.

plasmapudding

2:36 pm on Jan 18, 2006 (gmt 0)

Hia,

found something close to what I want to do:

[webmasterworld.com...]

Accept I have too many different file types to be coding individual headers, so I want to:

if validated, continue serving up page as normal
if not validated, redirect

any help appreciated

Cheers
G