Asked  7 Months ago    Answers:  5   Viewed   45 times

I have .doc and .zip files in download directory on my server. whoever visit my site page (download-file.php) only those user should be able to download these files and other should not.

I am trying to achieve above but no luck...

I am still able to put direct file address (http://example.com/sample.doc) in browser and I am able to download which I don't want..even someone else giving link to above file on any website then also download should not happen.

Could any one please share some idea..how i should achieve this.

Thank you in advance.

 Answers

89

In the htaccess file in your document root, you can include these rules:

RewriteEngine On
# you can add whatever extensions you want routed to your php script
RewriteCond %{REQUEST_URI} .(doc|zip|pdf)$ [NC]
RewriteRule ^(.*)$ /download-file.php?filename=$1 [L]

Then in your download-file.php, you can display whatever you need to display and the download link, which your php script can just immediately serve the file using php's readfile() (see link for examples)

Wednesday, March 31, 2021
 
Rocket
answered 7 Months ago
85
# Turn On ReWrite Engine
RewriteEngine On

# Exclude url.php and index.php from redirecting
RewriteCond %{REQUEST_URI} !^/(index|url).php

# Redirect to url.php
RewriteRule . url.php [NC,L]
Wednesday, March 31, 2021
 
Skipper
answered 7 Months ago
49

Please make a backup of your .htaccess file. Now remove all lines -- make it empty (there is too much noise there at the moment).

Add these lines to your empty .htaccess (should be in the root folder of your website):

RewriteEngine On
RewriteRule ^opslag/vis/(d+)$ /opslag/view.php?vis=$1 [NC,QSA,L] 

This should treat www.url.com/opslag/vis/11 as www.url.com/opslag/view.php?vis=11.

Please ensure that you have no more .htaccess files in opslag folder.

Saturday, July 31, 2021
 
Gabriele
answered 3 Months ago
18

Put the files somewhere outside the public webroot directory, or configure your server to not serve the files. As long as your server will happily serve everything with a valid URL, there's nothing you can do with PHP to prevent that.


If your files are in the /public_html/ folder, take them out of that folder and place them in e.g. /secret_files/, so your directory structure looks something like this:

public_html/
    index.html
    admin/
        admin_index.php
secret_files/
    my_secret_file.txt

The webserver is only configured to serve files in the /public_html/ directory, so nobody will have access to directories outside (technical term above) it.

To still enable somebody to download those files, do as cletus suggests and use readfile to "manually serve" the files via a PHP script. PHP will still have access to these other parts of the file system, so you can use it as a gatekeeper.

Friday, August 13, 2021
 
nfechner
answered 3 Months ago
56

Can you show us the code com.example.newpicker.AnotherActivity class, because it seems that the error comes from this class.

then the error is a IndexOutOfBoundsException, so have you tried with less image eg 10 or 20? and run later when the first 10 are recovered?

Friday, September 3, 2021
 
EzzDev
answered 2 Months ago
Only authorized users can answer the question. Please sign in first, or register a free account.
Not the answer you're looking for? Browse other questions tagged :