I made a database system with PHP and MySQL. It has a lot of sensitive information so I’m trying to put the best security in place.
I have a question about video and audio files. I want only people that are logged in and that actually have permission to download the files to be able to download them, not anybody that just points to the folder where the media files are. How can I do that?! Thanks!
Call your files via a PHP wrapper, i.e.
<img src="files/file.php?id=oj348jfoj" />
and in your file.php you output the file with image headers if the user has the rights to view the file. In your table, you have the real image URI that corresponds to your oj348jfoj token, and this is what your file.php loads and outputs as an image to the requester. This way the real URI of your server files stays hidden and you get to check access rights for every image load.
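The wrapper described in the answer above, written out as an added example that is not part of the original post. It serves any media type (video and audio as well as images); the table and column names, the session key, the database credentials and the storage directory are all assumptions.

```php
<?php
declare(strict_types=1);
// Assumed layout (hypothetical, not from the original post):
//   media_files(id, token, stored_name, mime_type)
//   media_permissions(user_id, file_id)
//   $_SESSION['user_id'] is set at login
const MEDIA_DIR = '/srv/private_media';   // assumed path, outside the web root

function deny(int $status): void
{
    http_response_code($status);
    exit;
}

session_start();
if (empty($_SESSION['user_id'])) {
    deny(403);                             // not logged in
}
$token = $_GET['id'] ?? '';
if (!is_string($token) || !preg_match('/\A[A-Za-z0-9]{8,64}\z/', $token)) {
    deny(404);                             // malformed token, never reaches the database
}
$pdo = new PDO('mysql:host=localhost;dbname=app;charset=utf8mb4', 'app_user', 'CHANGE_ME', [
    PDO::ATTR_ERRMODE          => PDO::ERRMODE_EXCEPTION,
    PDO::ATTR_EMULATE_PREPARES => false,
]);
// One query answers both "does the token exist" and "may this user read it".
$stmt = $pdo->prepare(
    'SELECT f.stored_name, f.mime_type
       FROM media_files f
       JOIN media_permissions p ON p.file_id = f.id
      WHERE f.token = :token AND p.user_id = :uid'
);
$stmt->execute([':token' => $token, ':uid' => $_SESSION['user_id']]);
$row = $stmt->fetch(PDO::FETCH_ASSOC);
if ($row === false) {
    deny(404);                             // same reply for "missing" and "not allowed"
}
// basename() plus the prefix check keep a bad database value from escaping MEDIA_DIR.
$path = realpath(MEDIA_DIR . '/' . basename($row['stored_name']));
if ($path === false || strncmp($path, MEDIA_DIR . '/', strlen(MEDIA_DIR) + 1) !== 0 || !is_file($path)) {
    deny(404);
}
session_write_close();                     // release the session lock during long downloads
header('Content-Type: ' . $row['mime_type']);
header('Content-Length: ' . filesize($path));
header('X-Content-Type-Options: nosniff');
header('Cache-Control: private, no-store');
readfile($path);
```

The check only protects the files if the media directory cannot be fetched directly, so keep it outside the document root or deny access to it in the web server configuration.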