Re: secure file uploads and downloads

Hello Steve,
Thanks for your suggestion. I do believe in stress testing my setups. If
you could write me privately with an email address when i get this up and
running i'll drop you a line. I'd rather have you punch holes in it under
conditions where i can monitor than someone else exploit it.
Thanks.
Dave.

"Steve" <no.one@xxxxxxxxxxx> wrote in message
news:1DC9j.90$a52.3@xxxxxxxxxxxxxxx

"Jerry Stuckle" <jstucklex@xxxxxxxxxxxxx> wrote in message
news:ReOdnUOsIs3vaPvanZ2dnUVZ_ubinZ2d@xxxxxxxxxxxxxx
Steve wrote:
"Jerry Stuckle" <jstucklex@xxxxxxxxxxxxx> wrote in message
news:A8idnRGGZqmzc_vanZ2dnUVZ_rCtnZ2d@xxxxxxxxxxxxxx
Dave wrote:
Hello,
Not sure if this is php related or not, but i'd like to have
certain users who have the ability to upload files to my site, and
others to download files.
I thought about .htaccess and basic authentication, but then i
thought that's not very secure i was wondering if there was a php
solution, something that splits user uploads and downloads in to two
separate sections? I checked out some scripts on phpbuilder.com but
they don't seem to work with php5 which is what i'm using.
Thanks.
Dave.



Dave,

Sure, it's rather easy to do. You obviously have some sign-on
capability on your site. Have two flags stored somewhere (i.e.
database or where ever else you keep your user info). One flag says
allow uploads, the other says allow downloads.

When they log in, store their login information (i.e. user id) in the
$_SESSION variable. You could also store the flags in $_SESSION; it's
up to you. I might do that because they're so small.

and it works like a charm...right up to the point when i hijack your
session.

Ah, let's see how you do it, troll.

give me such a system and i'll be more than happy to.



.

Relevant Pages

  • Re: secure file uploads and downloads
    ... Not sure if this is php related or not, but i'd like to have certain users who have the ability to upload files to my site, and others to download files. ... Have two flags stored somewhere. ... One flag says allow uploads, ... store their login information in the $_SESSION variable. ...
    (comp.lang.php)
  • Re: secure file uploads and downloads
    ... certain users who have the ability to upload files to my site, ... uploads, ... You could also store the flags in $_SESSION; ...
    (comp.lang.php)
  • Re: secure file uploads and downloads
    ... users who have the ability to upload files to my site, ... One flag says allow uploads, ... You could also store the flags in $_SESSION; ...
    (comp.lang.php)
  • Re: NNTPS news providers
    ... Many news providers say they ... For downloads, logging is not necessary, other than ... > That would almost certainly be because of illegal uploads. ... And remailers don't play with binary posts well. ...
    (alt.privacy)
  • Re: Firefox 2.0 final is released
    ... downloads. ... Uploads are shitty, ... Did you check locally to see if there were other wireless options? ... The thing about the wireless tower is that trees don't bother it. ...
    (rec.outdoors.rv-travel)