Downloading files from directory for logged users only

njoydasilence

I don't know if my problem has anything to do with php, anyway I came here to look for a help:
I have on my page articles and files available for anyone and articles and files for download only for logged users. Displaying certain articles for logged users makes no problem. But let's suppose I have directories:
www.whatever.com/files/ ......where the free files available for anyone are
www.whatever.com/files-4-logged-users/ ......the place for files available only for members
But if anyone knew the path to e.g. www.whatever.com/files-4-logged-users/file.doc he would download it without a problem
What I want is so that the files in "files-4-logged-users directory" would be available for logged users only. Equally search engines and crawlers would not read it.
Can anyone help me with this please?

Oni

Sure that can be done with php...

Two ways I can think of:

Put those files in directories not accessable from the internet. And to download "file.doc" make a php code that would look something like this:

/download.php?file=file.doc

So then the php would get the file from the directory hidden outside users (Ex: /home/user/secretdir/) and send it to the user. Of course, after verifying the the person trying to access the file is logged in.

You can put all files in a mysql database and then get the file in a similiar way when requested...

I'd suggest the first method

njoydasilence

Thank you for your help but I'm afraid I'm not that skilled to solve it just with your instructions.
What shall I write in download.php?

Oni

-When you login into your hosting account using ftp, do you see "public_html" ? Well, if you do, then create a new folder, in this directory, right next to "public_html" Name doesn't matter.

And, can you post the code you use to authenticate users at each membership requiring page?

njoydasilence

Authentication is very simple using cookies. I can make it myself.
Well I created a new directory "secret" right next to "public_html"....that's what I didn't know that I can have a space which can't be accessed directly from the internet. So I put the secret files in it....But how do I get a path to files in that directory?
In download.php could be something like:

header("Location: here comes the path/$file");

Oni

Try This:

<?php

//User authentication code goes here


$path = "/home/user/secret"; //Change "user" to your username
$mainpath = "$path$file";
header("Cache-Control: ");# leave blank to avoid IE errors
header("Pragma: ");# leave blank to avoid IE errors
header("Content-type: application/octet-stream");
header("Content-Disposition: attachment; filename=\"".$file."\"");
header("Content-length:".(string)(filesize($mainpath)));
sleep(1);
readfile("$mainpath"); 

?>

In order to download a file (program.exe) that's located in the directory call the above code along with a variable. Such as:

http://site.com/download.php?file=program.exe

Also, don't forget to use an If - Else statement to cover the downloading code.

Take into note that whatever you have inside the download directory can be downloaded.

Headers copied from "Ironclan PHP Easy Download"

njoydasilence

Great!It works!
Thanks a lot!