 |
 |
setting up user downloads
|
|
|
|
|
Fresh-Faced Recruit
Join Date: Jul 2002
Status:
Offline
|
|
I have a problem that I'm not sure how to tackle, so I figured I'd state my requirements, and see if anyone could offer me some suggestions.
My boss wants a facility on our website that allows customers to login and download files. He wants to be able to assign specific users specific privileges, so they can only see and download certain files.
A low-tech solution would be to stick all the files in an randomly named directory (i.e. /dir2384mbhbb23/ ) and have a PHP interface to handle the password part, then giving the customer a link to the file. While this works for less tech-savvy customers, anyone who understands websites would realize they could go to this directory directly and get at files, without needing a password.
Another option is the DIR Protection in my site control panels (with .htaccess files) . . . but I'm trying to setup a system that's independent of me. My boss would be the one administering all of this, and I'd prefer it through an interface I setup in PHP, not through the site control panel. It would be great if I could setup this .htaccess stuff through PHP, but I don't know how to do that, or if its possible (so any advice there would be especially appreciated).
Anyway, if anyone knows of any other possible solutions, I'd really appreciate the help.
Thanks,
-Kunal
|
|
|
| |
|
|
|
|
|
|
|
Senior User
Join Date: Dec 2002
Status:
Offline
|
|
Do a search on sourceforge for php htaccess (require all words)
|
|
Travis Sanderson
|
| |
|
|
|
|
|
|
|
Grizzled Veteran
Join Date: Jun 2001
Location: Melbourne, Australia
Status:
Offline
|
|
Don't muck around with .htaccess and other insecure methods. Do it right the first time.
Set up a MySQL database with users and passwords, as well as a table for user permissions and groups.
Set up another table that holds information for each file, its type, its size and a lookup field that describes the permissions for that file (all groups, selected groups, etc).
Next you need to create two interfaces - a 'public' site that requires a user to login (and thus determine which groups they belong to), and an 'admin' site that allows you to administer the files, users, groups, etc...
This is the bare minimum framework you need to make some sort of semi-secure document 'vault'. If you use this as a working spec of the system you need, you'll find that both www.hotscripts.com/PHP/ and sourceforge will have projects that more or less suit your needs, and if you know PHP well you can obviously alter these projects to suit your needs.
If you do anything less, it's a waste of your time and a waste of your boss' time because you'll end up with a product that has so many flaws in it you'll constantly need to revisit it to make it work as expected.
|
|
Computer thez nohhh...
|
| |
|
|
|
|
|
|
|
Occasionally Useful
Join Date: Jun 2001
Location: Liverpool, UK
Status:
Offline
|
|
you can do that really easy with Dreamweaver, Simon. i spent the day writing about it yesterday 
|
|
"Have sharp knives. Be creative. Cook to music" ~ maxelson
|
| |
|
|
|
|
|
|
|
Grizzled Veteran
Join Date: Jun 2001
Location: Melbourne, Australia
Status:
Offline
|
|
Originally posted by philzilla:
you can do that really easy with Dreamweaver, Simon. i spent the day writing about it yesterday
How's that then? Got any links? Explain yourself, sir!
|
|
Computer thez nohhh...
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
 
|
|
|
Forum Rules
|
|
|
|
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
|
HTML code is Off
|
|
|
|
|
|
|
|
|
|
|
|
|
Top
