LibLaftPafe
New Member
I have some PDFs uploaded by the user and they are saved on hard drive. Those PDFs should actually only be visible by the user who uploaded. But at the moment it is not secure. If somebody guesses the name of the PDF, it can be viewed by anybody else too.Eg: \[code\]http://www.something.com/PDFs/abcghjiekm.PDF\[/code\]This is a security threat. What I'd like to be able to do is have some kind of logic that processes the request to these PDFs and compare it with my DB to see if this PDF is actually belonging to the user who requested it. How can I do that?Edit: I cannot use FileStream as my website is already up and running. I don't want to change all of the codebase and go into each and every aspx page to hunt where the PDFs are accessed.