NYCPHP Meetup

[nycphp-talk] Single-Logon User Authentication, PHP and viewingnon-ASCII

Brian Pang bpang at bpang.com
Mon Aug 18 17:26:47 EDT 2003


you are probably going to have to do your own MIME typing and
appropriate setting of headers...

unless you want them all to force download, you can use
  header("Content-type: application/octet-stream");

at least that's what I use... there was a discussion about all of this a
while ago about forcing downloads, I can't remember what the final
consensus was

maybe you could even come up with some creative solution using a custom
404 error page which is actually a php page that looks for the file in
question, after checking user authentication (cookies, I assume), and if
it finds it initiates the download... and maybe that would then take
advantage of apache's MIME settings since you called the file as
domain.com/file.doc
I dunno if that would actually work... would have to be tried


> I am thinking of doing CGI as a good interim solution for the /content
> problem, however, there is one area I cannot figure out.
> 
> Whereas I could use CGI to display a list of files, and CGI to view an
> ASCII-based file (.txt, .html, .php, etc.) and display within the CGI
> wrapper, what would I do about non-ASCII files such as .doc or .pdf 
or even
> .jpg?
> 
> Phil
> ----- Original Message ----- 
> From: "Chris Snyder" <csnyder at chxo.com>
> To: "NYPHP Talk" <talk at lists.nyphp.org>
> Sent: Monday, August 18, 2003 4:12 PM
> Subject: Re: [nycphp-talk] Single-Logon User Authentication,PHP and
> viewingnon-ASCII
> 
> 
> > True about the permissions -- the webserver user has to be able to read
> > the files (though not necessarily write or execute them in this case).
> >
> > But if the /content directory is outside of the webserver's document
> > root, then someone would need another means of access to the server in
> > order to read the files-- they couldn't get at them via http.
> >
> > As was suggested before, some of these issues go away if you use PHP in
> > CGI mode, because then PHP runs as your UID.
> > They also go away a little bit if you change the ownership on the
> > content directory so that it is group nobody-- at least then only you
> > and the webserver can get to the files, and not other users (unless
> > they're in the webserver's group of course).
> >
> > But if you're really concerned about other users on the server, you
> > probably need your own box.
> >
> >     chris.
> >
> > Phil Powell wrote:
> >
> > >I have that already:
> > >
> > >[snip]
> > >
> > >However, this only works if the directory has permissions of at
least 755
> > >and each file at 777.  But that's not what the client wants, he
wants it
> to
> > >be set to permissions that the "outside world" can't view unless
they log
> in
> > >and are authenticated beforehand.
> > >
> > >Phil
> > >----- Original Message ----- 
> > >From: "Chris Snyder" <csnyder at chxo.com>
> > >To: "NYPHP Talk" <talk at lists.nyphp.org>
> > >Sent: Monday, August 18, 2003 3:33 PM
> > >Subject: Re: [nycphp-talk] Single-Logon User Authentication, PHP and
> > >viewingnon-ASCII
> > >
> > >
> > >
> > >
> > >>Check out the directory() functions.
> > >>
> > >>
> > >>Phil Powell wrote:
> > >>
> > >>
> > >>
> > >>>I looked up fpassthru online and how to set the headers.  Your
solution
> > >>>sounds fine for hopefully viewing a single file, but how about
> producing
> > >>>
> > >>>
> > >a
> > >
> > >
> > >>>list of files for display?
> > >>>
> > >>>Thanx
> > >>>Phil
> > >>>
> > >>>
> > >>>
> > >>>
> > >>>
> > >>>
> > >>_______________________________________________
> > >>talk mailing list
> > >>talk at lists.nyphp.org
> > >>http://lists.nyphp.org/mailman/listinfo/talk
> > >>
> > >>
> > >
> > >_______________________________________________
> > >talk mailing list
> > >talk at lists.nyphp.org
> > >http://lists.nyphp.org/mailman/listinfo/talk
> > >
> > >
> >
> > _______________________________________________
> > talk mailing list
> > talk at lists.nyphp.org
> > http://lists.nyphp.org/mailman/listinfo/talk
> 
> _______________________________________________
> talk mailing list
> talk at lists.nyphp.org
> http://lists.nyphp.org/mailman/listinfo/talk
> 
> 






More information about the talk mailing list