i have a form which allows the user to upload some files to a folder.
i’ve edit the .htaccess file in that directory to protect this folder from allowing the unwanted visitors to download the contents manually by typing the full url
ex:
http://www.bkabkabka.com/a/b/c/document.pdf
and this is the .htaccess data
Options All -Indexes
<FilesMatch "\.(htaccess|doc|pdf|docx)$">
Order Allow,Deny
Deny from all
i have another administration page which allows the responsible guy from our side to download the files by filtering them to anything he want and then click on a html link to normally download the files.
ex:
id name filename
1 aaaaa --> filename1 <-- this is href link which contains for example http://www.bkabkabka.com/a/b/c/2.doc
the problem is that the htaccess modification is applying globaly and i want to create like a username and password to this folder and then use PHP code to connect to this folder and be able to download the files normally.
how can i do that?
thank you.
the easiest way to password protect a directory with apache is htpasswd:
add to your .htaccess in the root dir of the protected directory tree:
then run this from the comand line and enter the desired password:
you can add another user like so:
to download files in this protected dir with php, use basic authentication. that is construct a url like so: http://user:password@server/protected/file.txt
re your comment, in cpanel there’s a “Password Protect Directories” feature accessible from the main page. Here’s some detail on that:
http://www.siteground.com/tutorials/cpanel/pass_protected_directories.htm
if you’re planning to store the uploaded files in your protected directory, you would just want to make sure move_uploaded_file copies the file to the right path, e.g.: