SmartDev SmartDev - 1 month ago 9
PHP Question

DENY direct download of file using php

I have

.doc
and
.zip
files in download directory on my server.
whoever visit my site page (
download-file.php)
only those user should be able to download these files and other should not.

I am trying to achieve above but no luck...

I am still able to put direct file address (
http://example.com/sample.doc
) in browser and I am able to download which I don't want..even someone else giving link to above file on any website then also download should not happen.

Could any one please share some idea..how i should achieve this.

Thank you in advance.

Answer

In the htaccess file in your document root, you can include these rules:

RewriteEngine On
# you can add whatever extensions you want routed to your php script
RewriteCond %{REQUEST_URI} \.(doc|zip|pdf)$ [NC]
RewriteRule ^(.*)$ /download-file.php?filename=$1 [L]

Then in your download-file.php, you can display whatever you need to display and the download link, which your php script can just immediately serve the file using php's readfile() (see link for examples)