deny direct access to a single folder with .htaccess

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View
I have not found a clear way of doing what I want and resort to posting
my question.

I have a php file that will link to pdf files from a directory called
pdf (within the apache htdocs folder). The way I have it coded now, the
address to the pdf shows in the address bar, and a user can modify just
the file name to read other files, which is something I don't want.
I am trying to deny access to this pdf directory to anyone except the
localhost, so that changing the file name will not allow viewing it. Is
this the proper way I should go about resolving the matter?
Is there a better way?

Thank you,

P.S. I have tried what I think would be best, which is to display a pdf
file by "printing" it with the php file, ie:

            $file_contents = file_get_contents('$filename');
            header('Content-type: application/pdf');
            print $file_contents;

but I get an error, stating that the pdf file can't be displayed
because it may be corrupt, and it isn't. Was anyone successful in doing
something like this?

Re: deny direct access to a single folder with .htaccess

psion wrote:
Quoted text here. Click to load it

The reason you get an error, is because you are trying to read the  
content of the file named $filename, as opposed to the file named  
whatever the variable $filename contains. Check up on the difference  
between single ' and double " quotes. Another thing is that you  
shouldn't be using quotes at all in this case. The line should read  
something like this:

$file_contents = file_get_contents($filename);

Tommy Gildseth

Re: deny direct access to a single folder with .htaccess

Either way, without quotes or with quote (single or double), I seem to
end up with an error:

File does not begin with 'PDF%'

Searching for this on google does not point to solutions.

Site Timeline