Password protecting PDF files

Anon

My company's new Web site will have some PDF files that we want people to view only AFTER they have spoken to one of our representatives and obtained a password. I've written a simple PHP script that will accept a password and then redirect the user to the desired file. However, this doesn't prevent a user from simply typing the file's URL into his browser's address bar and loading the file. How can I ensure that ONLY those users who have entered the correct password can view these files?

igebert

You want to prevent the delivery of a file -- that is in sphere of the webserver. I'd suggest you use a .htaccess file protecting a directory, that would be the most simple and safe solution (though it might render your PHP script obsolete).

If you want to have your own login dialogue I can just think of the dirty solution of file copy / delete operations...