.htaccess - PHP: Allow file download to a authorized members only -

-

i have website , want registered members download particular file. have following structure:

in directory having original setup file, created .htaccess file with:

order deny,allow deny

and, file called download.php, call file using:

<?php $filename = "127.0.0.1/eye/setup/setup.msi"; if(ini_get('zlib.output_compression'))ini_set('zli b.output_compression', 'off'); header("pragma: public"); header("expires: 0"); header("cache-control: must-revalidate, post-check=0, pre-check=0"); header("cache-control: private",false); header("content-type: application/octet-stream"); header("content-disposition: attachment; filename=\"".basename($filename)."\";" ); header("content-transfer-encoding: binary"); header("content-length: ".filesize($filename)); readfile("$filename"); exit(); ?>

but, problem is: if knows exact location of file, he/she can setup similar php file on his/her server, passing $filename original location. so, how can rely on script security?

is there else strategy ?

one solution keep download folder outside documentroot. , download.php read using local path:

$filename = "/path/to/eye/setup/setup.msi"; // or build filename using $_get

then php code read content of desired file local path , set appropriate content type.


Comments

Post a Comment

Popular posts from this blog

jQuery Mobile app not scrolling in Firefox -

-
i have mobile app built in jquery mobile. scrolling fine in chrome & safari, fails scroll in firefox on desktop. have other instances of same app, different features, , works across browsers. life of me, cannot figure this, please help! located here: http://re-brand.us/dsus/index.html seems bug in firefox: bug log . able scroll using keyboard not trackpad on mac. are using mac? i'll keep looking see if can find way around it.
Read more

c++ - How to add Crypto++ library to Qt project -

-
Image
i downloaded crypto++ source , compiled cryptlib project in visual studio 2013, , added generated .lib file qt project, made .pro file this: qt += core gui qt += sql greaterthan(qt_major_version, 4):qt += widgets target = untitled template = app sources += main.cpp\ mainwindow.cpp headers += mainwindow.h \ databasecontrol.h \ test.h forms += mainwindow.ui win32:config(release, debug|release): libs += -l$$pwd/ -lcryptlib else:win32:config(debug, debug|release): libs += -l$$pwd/ -lcryptlibd else:unix: libs += -l$$pwd/ -lcryptlib includepath += $$pwd/ dependpath += $$pwd/ win32-g++:config(release, debug|release): pre_targetdeps += $$pwd/libcryptlib.a else:win32-g++:config(debug, debug|release): pre_targetdeps += $$pwd/libcryptlibd.a else:win32:!win32-g++:config(release, debug|release): pre_targetdeps += $$pwd/cryptlib.lib else:win32:!win32-g++:config(debug, debug|release): pre_targetdeps += $$pwd/cryptlibd.lib else:unix: pre_targetdeps += $$pw
Read more

php array slice every 2th rule -

-
i have array on php outputs in txt file: printing grid -- 1 values -- undef = -9.99e+08 20.2 \nprinting grid -- 1 values -- undef = -9.99e+08 102.0 \nprinting grid -- 1 values -- undef = -9.99e+08 55.1 \nprinting grid -- 1 values -- undef = -9.99e+08 -18.3 \n what point, need nummeric values @ beginning of each rule. 20.2, 102.0, 55.1, -18,3 etc... example, there can more or less in txt file. now do? have tested array slice function can't exclude rule: printing grid -- 1 values -- undef = -9.99e+08 this array slice code... $arraygood = array_slice($arraybad, 1, 4); and foreach loop create text file: $file = fopen("array.txt","w"); foreach ($arraygood $meting => $waarde) { echo fwrite($file,$waarde . '\n'); } fclose($file); thanks! as posted in comments, understanding have array of strings similar following: $lines = array( "printing grid -- 1 values -- undef = -9.99e+08", "20.2 \nprinting grid --
Read more