Re: secure file uploads and downloads

Hello,
Thanks for this, that definitely sounds like what i'm looking for.
Thanks.
Dave.

"Jerry Stuckle" wrote in message
news:A8idnRGGZqmzc_vanZ2dnUVZ_rCtnZ2d@comcast.com...
> Dave wrote:
>> Hello,
>> Not sure if this is php related or not, but i'd like to have certain
>> users who have the ability to upload files to my site, and others to
>> download files.
>> I thought about .htaccess and basic authentication, but then i
>> thought that's not very secure i was wondering if there was a php
>> solution, something that splits user uploads and downloads in to two
>> separate sections? I checked out some scripts on phpbuilder.com but they
>> don't seem to work with php5 which is what i'm using.
>> Thanks.
>> Dave.
>>
>>
>>
>
> Dave,
>
> Sure, it's rather easy to do. You obviously have some sign-on capability
> on your site. Have two flags stored somewhere (i.e. database or where
> ever else you keep your user info). One flag says allow uploads, the
> other says allow downloads.
>
> When they log in, store their login information (i.e. user id) in the
> $_SESSION variable. You could also store the flags in $_SESSION; it's up
> to you. I might do that because they're so small.
>
> On the upload page, get the user id from the $_SESSION and check the flag
> in your database (or just get the flag from $_SESSION if you stored it
> above) to see if they are eligible to upload. If so, display the upload
> page. If not, display an error message.
>
> Repeat the above for downloads.
>
> When they upload, place the files in a directory above the DOCUMENT_ROOT,
> so they won't be available to anyone. Then in your download script, set
> the appropriate header information for the file being downloaded (see the
> header() function).
>
> It's not that hard, although it can be a little intimidating right at the
> start.
>
> --
> ==================
> Remove the "x" from my email address
> Jerry Stuckle
> JDS Computer Training Corp.
> jstucklex@attglobal.net
> ==================
>