|
PHP - Calling A Specific Pdf File From A Non Web-accessible Folder
Hi guys,
I hope you may be able to shed some light on a problem I am having. I am fairly new to PHP although do understand bits and peices such as login system. Basically - I have a website with lets say 10 users (more like 500 but that will do for now!) - Each user has their own page wich is password protected. Each month - I want to be able to upload PDF files to the server - which CAN ONLY BE ACCESSED BY THE RELEVANT user. They must not be able to see each others PDF files. To do this I have been advised to have a non-web accessible folder on my server to put the PDF's in and then use PHP to handle the operation. Therefore my path would be: 1/ User logs into page 2/ User clicks the PDF link 3/ PF link goes to PHP page that checks they are logged in and then the PDF they want before delivering to the server. I do actually understand the theory but my PHP is not at the stage where I can just write the code that will handle the operation. I am also very confused over how to access the non-web accessible files! Could anyone please give me an example of the code I will need to use to a) check the user is logged in (I guess I can use the same code I used for the login) and then b) call the relevant PDF and display it? I have been given a path of c:\blahblahblah to access my PDF files but don't even know how to begin implimenting this! Here is the code I use for my login system. Could anyone show me how to adapt it to get what I need? Thank so much for anyone that can help - hopefully I will be in a position to give back one day! -------------------------------------------- if(isset($_SESSION['loggedin'])) { header("Location:" . strtolower($username) . ".php"); if(isset($_POST['submit'])) { $username = mysql_real_escape_string($_POST['username']); $password = mysql_real_escape_string($_POST['password']); $mysql = mysql_query("SELECT * FROM mydb WHERE username = '{$username}' AND password = '{$password}'"); if(mysql_num_rows($mysql) < 1) { die("Password or Username incorrect! Please <a href='login.php'>click here</a> to try again"); } $_SESSION['loggedin'] = "YES"; $_SESSION['username'] = $username; header("Location:" . strtolower($username) . ".php"); AND THEN IN THE HEADER OF THE PAGES <?php session_start(); if(!isset($_SESSION['loggedin'])) { header('Location: /login.php'); } elseif ($_SESSION['username'] . '.php' != basename($_SERVER['SCRIPT_FILENAME']) ) { // Logged in user attempting to view someone else's page header("Location:" . strtolower($_SESSION['username']) . ".php"); exit; } ?> Again - any help would be truly appreciated. I will say now that the last person I asked said "Use the open() function - that'll work!" ...... answers like that are a bit lost on me at the moment and leave me even more confused! Cheers in advance Similar TutorialsI'm talking like /uploads at the main folder where index.php or index.html goes
These photos theoretically are meant to be publicly viewed anyway so what is bad about that?
Let's say profile pictures.
I mean couldn't anyone scrape facebook and "steal" profile pictures? I don't know why but I'm just wondering.
Hello first time poster here . Soni have been in the proccess of designing a website that would give images to users . But only owner of an image will get thier own image . And some people may not access thier image whom are invalid untill i make them valid users. Si.my problem is i want to stop people from accessing these images by typing thier mysite.com/path and these files only be accessable via a php that is in my website . How do i go about doing that . Is it iam my new to this or there is not a convenient way to do this . Thanks in advance I'm storing website files online and each user can upload their own files and admin can upload files for that user specifically. How would I go about making sure nobody else can download their PDF file? Would it be a case of assigning a folder for each user's documents and not allowing access to any other user to that folder?
Thanks in advance.
How can i call a specific row when ever a like. example : Code: [Select] $record = mysql_query("select * from table_name"); ($getValue= mysql_fetch_row($record) //i'm not sure what should i use. should i use mysql_fetch_array, mysql_ fetch_ assoc, mysql_ fetch_ object, mysql_ field_ name and etc. print $getValue[$column_name][0]; 0 = value 1st row in the database/table_name 1 = value 2nd row in the database/table_name 2 = value 3rd row in the database/table_name ...... .... ...... ..... etc. is there a code i can do except from using sql_fetch_array then loop and put in into a multidimensional array? Hi I am trying to create a dynamic gallery in php with specific order of pictures on the page, but I can't find the function or piece of php code to do so.
Conditions: My code:
$files = glob("layout/gallery/*.jpg");
rsort($files, SORT_NATURAL);
for ($i=0; $i < count($files); $i++) {
for( ; $i<5; $i++){
$one = $files[$i];
echo '<img src="'.$one.'">' . '<br><br>';
}
echo "<br>";
for( ; $i<9; $i++){
$two = $files[$i];
echo '<img src="'.$two.'">' . '<br><br>';
}
}
The code works well, but it just displays 9 pictures obviously. I was unable to make it dynamic displaying 5 pictures first, 4 pictures after and stay this way in a loop till displays all pictures from that folder. I have a page using forms to help build listing templates for eBay. I have a folder where I have hundreds of logos stored. I know the logo names but not their extensions. . . . I have to test each potential (jpg, jpeg, gif, png, etc.) until I guess right. Here is an example code for the web form:
<form action="extension_test2.php" method="post"> <p>Logo: <input name="e" value="" type="text" size="15" maxlength="30" /><p> <input name="Submit" type="Submit"/> </form> and the form's result: <? $e =$_POST['e']; if(!empty($e)) { echo '<img src="http://www.gbamedica...ebayimg/logos/'.$e.'">'; }; ?> Here is a link to the example: http://www.gbamedica...ension_test.php Use "olympus.jpg" for test. I am looking for code that can determine the file type and dynamically add the extension. Can it be done? Hey everyone, I'm pretty new to this, not my full time job, but just something I thought I'd give a shot... I have a database, in postgres, in which I make my query and I go fetch all the info I need. What I need to do next is the tricky part for me. For each line of results received, I have to output to a text file (.txt) but I have to respect a format that was given to me from the person requesting the info. Example: Character 1 must be G or N. Character 2 to to 11 will be a result from my database search, which is a 10 digit string. Character 12 to 14 must be spaces. Another rule is: start at character 78: input a value from my database search but it must not exceed 20 characters and if it is less then 20 character, fill the remaining with spaces. If anyways has a code I can copy and work off of I would really appreciate it....thanks! I need to add these lines to my .htaccess file via PHP Code: [Select] RewriteCond %{REQUEST_URI} checkout RewriteRule ^(.*)$ https://myurl.com/checkout/$1 [R,L] RIGHT after this line: Code: [Select] RewriteBase / AND before this line: Code: [Select] RewriteCond %{REQUEST_FILENAME} !-f This is how the current file looks w/o the new line addition: Code: [Select] RewriteEngine On RewriteBase / RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule ^(.+)$ index.php [L,QSA] It needs to look like this when the new lines are added(extra line breaks not necessary): Code: [Select] RewriteBase / RewriteCond %{REQUEST_URI} checkout RewriteRule ^(.*)$ https://myurl.com/checkout/$1 [R,L] RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule ^(.+)$ index.php [L,QSA] The line numbers may not match up, so I cannot use the line number. Hey guys, total newb when it comes to php. any help here would be much apreciated, what i am trying to achieve is to allow a person to upload a jpg image that he wants displayed on a dynamic flash site, but seeing as the flash is looking for xx.jpg, is it possible that any jpg file he uploads , say its called golf.jpg, is automatically uploaded/renamed to xx.jpg ? so i dont have to get him to rename the files before uploading. i attempted to understand a short tutorial on doing this but failed, here is what code i used. ( i added that rename line, looking at it now sorta seems like a really lame attempt lol ) Code: [Select] <?php $target = "upload/"; $target = $target . basename( $_FILES['uploaded']['name']) ; $ok=1; rename ("*.jpg", "xx.jpg"); //This is our size condition if ($uploaded_size > 350000) { echo "Your file is too large.<br>"; $ok=0; } //This is our limit file type condition if ($uploaded_type =="text/php") { echo "No PHP files<br>"; $ok=0; } //Here we check that $ok was not set to 0 by an error if ($ok==0) { Echo "Sorry your file was not uploaded"; } //If everything is ok we try to upload it else { if(move_uploaded_file($_FILES['uploaded']['tmp_name'], $target)) { echo "The file ". basename( $_FILES['uploadedfile']['name']). " has been uploaded"; } else { echo "Sorry, there was a problem uploading your file."; } } ?> <body> <form enctype="multipart/form-data" action="upload.php" method="POST"> Please choose a file: <input name="uploaded" type="file" /><br /> <input type="submit" value="Upload" /> </form> cheers I want to get suggested keywords from yahoo api service. When xml file is empty (no keyword), it gives error. To resolve this problem I used this code: if (file_exists('http://search.yahooapis.com/WebSearchService/V1/relatedSuggestion?appid=YahooDemo&query=Madonna&results=2')) { $xmlmetades = simplexml_load_file('http://search.yahooapis.com/WebSearchService/V1/relatedSuggestion?appid=YahooDemo&query=Madonna&results=2'); } Since it is not a normal .xml file, it is always considered no file, and return nothing. The root directory:
header.php
stylesheet.css
In the following example I am trying to include the header.php file in a sub folder.
When I include the header.php like in the following example then the stylesheet.css file will not work anymo
<?php
include("../header.php");
?>
The stylesheet.css file is included in the head tags of the header.php file.
Is the above example the right way to do it? If yes, how can I do it so the stylesheet.css file will work too.
Hi, I have a form where a user selects a file to attach to the email. At the moment when you select a file it uploads from the user device. How do i change this so that a user can attach a file from a folder on the server. For example the folder name is uploadinvoice so when the user selects the browse button to attach a file it opens up the uploadinvoice folder on the server so the user can select the file from there ?
Thanks
coding i have at moment function ValidateEmail($email) { $pattern = '/^([0-9a-z]([-.\w]*[0-9a-z])*@(([0-9a-z])+([-\w]*[0-9a-z])*\.)+[a-z]{2,6})$/i'; return preg_match($pattern, $email); } if ($_SERVER['REQUEST_METHOD'] == 'POST' && isset($_POST['formid']) && $_POST['formid'] == 'form1') { $mailto = $_POST['youremail']; $mailfrom = isset($_POST['myemail']) ? $_POST['myemail'] : $mailto; $subject = 'Message'; $message = 'Message'; $success_url = './test.php'; $error_url = ''; $eol = "\n"; $error = ''; $internalfields = array ("submit", "reset", "send", "filesize", "formid", "captcha_code", "recaptcha_challenge_field", "recaptcha_response_field", "g-recaptcha-response"); $boundary = md5(uniqid(time())); $header = 'From: '.$mailfrom.$eol; $header .= 'Reply-To: '.$mailfrom.$eol; $header .= 'MIME-Version: 1.0'.$eol; $header .= 'Content-Type: multipart/mixed; boundary="'.$boundary.'"'.$eol; $header .= 'X-Mailer: PHP v'.phpversion().$eol; try { if (!ValidateEmail($mailfrom)) { $error .= "The specified email address (" . $mailfrom . ") is invalid!\n<br>"; throw new Exception($error); } $message .= $eol; foreach ($_POST as $key => $value) { if (!in_array(strtolower($key), $internalfields)) { if (!is_array($value)) { $message .= ucwords(str_replace("_", " ", $key)) . " : " . $value . $eol; } else { $message .= ucwords(str_replace("_", " ", $key)) . " : " . implode(",", $value) . $eol; } } } $body = 'This is a multi-part message in MIME format.'.$eol.$eol; $body .= '--'.$boundary.$eol; $body .= 'Content-Type: text/plain; charset=ISO-8859-1'.$eol; $body .= 'Content-Transfer-Encoding: 8bit'.$eol; $body .= $eol.stripslashes($message).$eol; if (!empty($_FILES)) { foreach ($_FILES as $key => $value) { if ($_FILES[$key]['error'] == 0) { $body .= '--'.$boundary.$eol; $body .= 'Content-Type: '.$_FILES[$key]['type'].'; name='.$_FILES[$key]['name'].$eol; $body .= 'Content-Transfer-Encoding: base64'.$eol; $body .= 'Content-Disposition: attachment; filename='.$_FILES[$key]['name'].$eol; $body .= $eol.chunk_split(base64_encode(file_get_contents($_FILES[$key]['tmp_name']))).$eol; } } } $body .= '--'.$boundary.'--'.$eol; if ($mailto != '') { mail($mailto, $subject, $body, $header); } header('Location: '.$success_url); } catch (Exception $e) { $errorcode = file_get_contents($error_url); $replace = "##error##"; $errorcode = str_replace($replace, $e->getMessage(), $errorcode); echo $errorcode; } exit;
} When I use require('../config.php'); It does not works on my machine but it works on shared hosting Can someone help me what must be the issue? Thanks in advance CSJakharia This topic has been moved to HTML Help. http://www.phpfreaks.com/forums/index.php?topic=308625.0 Hi all, i want to download a file from the server but instead of storing it in the downloads i want it to store it directly in the folder i want and i also dont want to show any download window that appears while we download any file. Friend please help..... Hello all, i am go9090go. Today i made a domains for a jar file people can upload from my website. I made this to make the jar file close source and its easy to update. Now i made a java classloader and everything i made works. The classloader call a php document with the password and username. The pass and name will be checked inside a databse and if its inside i use header() to load the jar file. But when i just go to my main domain i get the index of the site and people can easly download the jar file without have to walk thru the php pass checker. So i want to place the jar file inside a protected folder,and i want that only way you get acces to this jar is by the php file. How can i get a file from a protected folder? here is the php used when the jar file is not inside a protected folder: <?php $DBName = "name";//name database $DBUser = "name";//user $DBPassword = "pass"; //passs $DBHost = "host"; //might be different mysql_connect($DBHost, $DBUser, $DBPassword); mysql_select_db($DBName); $username = $_GET['username']; $password = $_GET['password']; $IP = $_SERVER['REMOTE_ADDR']; $string = "Java"; $pos = strpos($agent, $string); if (!strpos($_SERVER['HTTP_USER_AGENT'], "Java")) { echo("Your Auth has been banned for trying to breach security."); //mysql_query("delete from users where username='$username'"); exit(); } $query = "select * from users where name='$username' and pass='$password'"; mysql_query($query); $num = mysql_affected_rows(); if ($num > 0) { header('Location:script/Script.jar'); } ?> now i want to use the header to a file inside a folder that is protected : so how can i make the header() methode to open script.jar inside a protected folder. The folder haves name and pass: blabla,balbla for exempel thanks for help if (!file_exists('../images/flags/imNum.txt')) { $file1 = fopen('../images/flags/imNum.txt','c'); fclose($file1); } why won't that work =\ it makes no sense to me I upload an image and put every information inside $_SESSION['tmp'] and $_SESSION['path'] then once user click on button then i use move_uploaded_file($_SESSION['tmp'],$_SESSION['path']) but file uploaded not appeared in my upload folder, and again i try to echo everything but all information still kept well in $_SESSION is there something missing here? thanks I'm trying to extract the contents of a zip file to a folder. I found the ZipArchive class and followed the examples to get it to work for the most part. But I want to extract the files in the folder inside the zip file but leave the folder out. So it should extract just the files to my given destination. I found this on php.net. Code: [Select] If you want to copy one file at a time and remove the folder name that is stored in the ZIP file, so you don't have to create directories from the ZIP itself, then use this snippet (basically collapses the ZIP file into one Folder). <?php $path = 'zipfile.zip' $zip = new ZipArchive; if ($zip->open($path) === true) { for($i = 0; $i < $zip->numFiles; $i++) { $filename = $zip->getNameIndex($i); $fileinfo = pathinfo($filename); copy("zip://".$path."#".$filename, "/your/new/destination/".$fileinfo['basename']); } $zip->close(); } ?> For some reason that 'copy' line is not working for me. Obviosly I've changed the variables in the line to the correct variables. Can someone help me out. Thanks Mike Hi everyone, I'm still learning, but getting intermediate in PHP now, but it is still challenge to learn. I'm trying to have php check to see if one file inside folder in server, seem I could not get it right, but I tested it on other site, it works, but not this script, I don't understand why it won't work...maybe logical is wrong? here my code:
if ($_POST['video']) {
$path1 = "UPLOADS/Home/";
$path2 = "UPLOADS/Breakfast/";
$path3 = "UPLOADS/Spider/";
$scan1 = scandir($path1);
$scan2 = scandir($path2);
$scan3 = scandir($path3);
$count1 = count($scan1) - 3;
$count2 = count($scan2) - 3;
$count3 = count($scan3) - 3;
if($count1 > 0) {
header('location:exist.html');
}elseif ($count2 > 0) {
header('location:exist.html');
}elseif ($count3 > 0) {
header('location:exist.html');
}
But other site, it works:
$scan = scandir($path);
$count = count($scan) - 3;
echo $count;
if($count > 1){
echo "Hello yourself!<br />";
}
Anyone will help will be appreciate! Thank you! Gary Edited April 3, 2019 by sigmahokies |
|||||||