Hi all.
I'm working on a project where I'm supposed to store some PDF into a website.
I'm usibg PHP/MySql.
Actually these PDF are very personal and I need to be sure that no one can access the PDF even if this is on an address like www.site.com/document.pdf. I need ti grant access only to user that are logged in a properly way (with php/mysql).

Any ideas about it?

Just do it from the .htaccess file. Add following into the .htaccess

<Files ~ "^.*\.([pP][dD][fF])">
	Order allow,deny
	Deny from all
	Satisfy All
</Files>

Hey Niranga but in this case could a user download if he have permission? And which kind of permission he would need?

You can use the .htpasswd file to store usernames and passwords. To restrict the access for selected users (people who have a valid username and a password) you have to put following in the .htaccess file

AuthName "Shella's Joint"
AuthUserFile path/to/the/htpasswd/file/.htpasswd
AuthType Basic
require valid-user

"path/to/the/htpasswd/file/.htpasswd" has to be changed to the correct path of your .htpasswd file.

For more information on .htaccess files and .htpasswd files, visit http://weavervsworld.com/docs/other/passprotect.html

Very interesting, I will check and I will do some try thanks.
Shella

Welcome :)

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.