Login Based File Download

Matthew J. Long matt.long at matthew-long.com
Thu Nov 22 00:09:48 CST 2001


I'm sure there's more than one way to do it  ;-)  , but I was wondering what
you all think is the best approach for enabling authorized users to download
files while keeping everyone else out--without using .htaccess. I want to
validate the user and then generate the screens they need dynamically. There
will be a screen on which the user is allowed to download files. If the
directory containing the files is publicly accessible for authorized users,
how can I keep unauthorized users out.

Also, if your answer is, just send the proper file header back to the user
and then stream the file back (I could just open the file from behind the
web tree to keep it hidden this way--I think) using a CGI. Does anyone know
of a good way to do this, or more specifically how to do it at all?

Thanks in advance for your help.

-Matt




More information about the Pikes-peak-pm mailing list