.htaccess limit restrictions

[benluke4]

ok, ive set up a members area using php, mysql and sessions.

Within the members area they are able to download pdfs. I want to stop people from just calling them directly in the address bar?

I been told i can put the pdf files in a .htacces directory that restricts everything except say a PHP script accessing it by using <limit>.

I have the PHP script but have no idea how to set up the .htaccess directory so only the PHP script can acces it?

Thanks for any advice

Ben

 

[gchen]

Here is something you want to know before jump into this .htaccess thing...

http://httpd.apache.org/docs/howto/htaccess.html

Very good material and it guides you through the set up.

but if you do not have root access to the server, you cannot do it. Then, ask your server guy to help.

good luck!

~ Gary

 

[benluke4]

ok i cant acces the root folder at the mo but i want to try and get this script working which opens the pdf file.
It keeps coming up "file doesn't exist"

This is my code

//Validation of user permission to be here
// checks that user is logged in

<?


$file=$_GET['file'];
if(file_exists("$foodlog.pdf"))
{
header('Content-type: application/pdf');
header('Content-Disposition: attachment; filename="Report Name.pdf"');
readfile("$foodlog.pdf");
}
else 
{
    echo "File does not exist";
}
?>

any ideas

Thanks Ben