secure download files

searain

say i have a members only folder.

in this folder, i have a password checking step on top of every php page. so every php page is secured by password.

but how about these downloadable files, .exe, .pdf etc. how can i be sure these files are secured by password checking?

for pdf file, i can use php checking the password, and then write this pdf to the page. but it is slow. and also how about other files, such as .exe etc.?

any simple approach? server user group approach is not applying here.

thanks

hand

You can use readfile() in connection with header();
http://www.php3.de/manual/en/function.readfile.php

<?
// Here pwd checking
if ($check == true && $file = "xls") {
   header("Content-Type: vnd.ms-excel");                                   

   readfile("sample.xls");
}
if ($check == true && $file = "pdf") {
   header("Content-Type: pdf");                                   

   readfile("sample.pdf");
}
?>

Mime types: http://www.isi.edu/in-notes/iana/assignments/media-types/media-types

searain

will readfile() work for .exe, .zip, and all other formats files?

for the .exe, what the reader will see?

are they going to see the pop up window with the choice of download or execute on the current location?

thanks.