HTTP authentication and PHP authentication

Question

Possible Duplicate:
HTTP authentication using PHP authentication

Hi. I'm making a members area for my site and I have it already running. I authenticate members using mysql and php and this works really well.

But now problems occurs, I would like to offer members a possibility to upload files to the systems, and those files should be available ONLY to logged in members.

I know I could store those files to a database or even in a filesystem and serve them throught php, BUT this will get very heavy for the server when members upload bigger files. Those files might be even 20MB or even bigger.

What exactly is your question here? How to secure access to the files, or how to store them on your server? — Eric Petroelje, Jun 18 '10 at 14:14
Don't accept sizes over a certain limit? Or upgrade your hosting plan? — Russell Dias, Jun 18 '10 at 14:15
Or you could try amazon cloud hosting http://aws.amazon.com/ec2/ or your prefered cloud hosting to store the files — Luke, Jun 18 '10 at 14:20

score 1 · Answer 1 · answered Jun 18 '10 at 16:31

1

His question is how to make those files unavailable to users who are not authenticated (I supppose).

Storing files themselves in databases is a very bad idea. Just put them in an unaccessible directory (ie: use .htaccess to restric access) and serve them using PHP. The additional load on the server in doing so (if done correctly) is minimal.

answered Jun 18 '10 at 16:31

quantumSoup

27,197
9
43
57

"The additional load on the server in doing so (if done correctly) is minimal." How would one do this correctly? – iambriansreed Mar 07 '12 at 17:15

HTTP authentication and PHP authentication

1 Answers1