How can I protect pdf and mp4 files with php script? When I type the exact url of a file in my uploads directory in wordpress I am redirected through .htaccess to a php script (serve.php) that should be able to serve the content of the pdf and mp4 files to the authenticated users only. The script should check the if the user is authenticated and then check if the file is pdf or mp4, then serve the content and the appropriate headers. Thanks :)
Asked
Active
Viewed 444 times
2 Answers
0
Once you have sent your file to serve.php, as per the previous question, you'll need to simply check that the user is logged in (authenticated).
If the user is not authenticated, you should simply throw an error message stating that they are not allowed to view the file, using die() or outputting a message with a 403 Forbidden HTTP status code using header('HTTP/1.0 403 Forbidden');.
Mike Rockétt
- 8,947
- 4
- 45
- 81
-
Hey Mike, I have already done this. The main problem arise when it comes to serving the files to the authenticated users. I want to play mp4 with my flowplayer and render the pdf with my pdf reader. Should I redirect them or should I do thet through the headers? Any odeas? – Faust Apr 29 '13 at 14:42
-
That's for a completely different question. If the user is authenticated, the file that serves the data can simply render the output (using FlowPlayer, or your PDF reader, for instance). Am I missing something here? – Mike Rockétt Apr 29 '13 at 16:39
0
If your server has x_sendfile apache module - try it.
How to use:
