Re: secure file uploads and downloads

"Jerry Stuckle" wrote in message
news:Zd-dnVuLcOXoavvanZ2dnUVZ_u7inZ2d@comcast.com...
> Steve wrote:
>> "Jerry Stuckle" wrote in message
>> news:ReOdnUOsIs3vaPvanZ2dnUVZ_ubinZ2d@comcast.com...
>>> Steve wrote:
>>>> "Jerry Stuckle" wrote in message
>>>> news:A8idnRGGZqmzc_vanZ2dnUVZ_rCtnZ2d@comcast.com...
>>>>> Dave wrote:
>>>>>> Hello,
>>>>>> Not sure if this is php related or not, but i'd like to have
>>>>>> certain users who have the ability to upload files to my site, and
>>>>>> others to download files.
>>>>>> I thought about .htaccess and basic authentication, but then i
>>>>>> thought that's not very secure i was wondering if there was a php
>>>>>> solution, something that splits user uploads and downloads in to two
>>>>>> separate sections? I checked out some scripts on phpbuilder.com but
>>>>>> they don't seem to work with php5 which is what i'm using.
>>>>>> Thanks.
>>>>>> Dave.
>>>>>>
>>>>>>
>>>>>>
>>>>> Dave,
>>>>>
>>>>> Sure, it's rather easy to do. You obviously have some sign-on
>>>>> capability on your site. Have two flags stored somewhere (i.e.
>>>>> database or where ever else you keep your user info). One flag says
>>>>> allow uploads, the other says allow downloads.
>>>>>
>>>>> When they log in, store their login information (i.e. user id) in the
>>>>> $_SESSION variable. You could also store the flags in $_SESSION; it's
>>>>> up to you. I might do that because they're so small.
>>>> and it works like a charm...right up to the point when i hijack your
>>>> session.
>>> Ah, let's see how you do it, troll.
>>
>> give me such a system and i'll be more than happy to.
>
> Backpedaling again, troll. Let's see you hijack ANY PHP session of mine.
> Say on SourceForge? Or any other major site?

in case you missed it, i said 'ok'. give me a site that implements your
suggestion and i'll be happy to. backpeddling, you illiterate twit, would
involve me saying, no, i won't do it. you should know that though since you
do it so often yourself.