Hello everyone, I am in need of something that may be fairly simple.<br /><br />I have a website that I am developing <!-- w --><a class="postlink" href="http://www.voiceforinmates.com">www.voiceforinmates.com</a><!-- w --><br /><br />And want to have password protected downloadable files on each personal page. <br /><br />Basically I would like to present a link on each personal page where there are downloadable documents BUT! you must have the password THEY have chosen for their document in order to be able to actually download it.<br /><br />example: Legal transcripts.....<br /><br />Thank You for any help given. <br /><br />Darnell<!--content-->
Head on over to hotscripts.com. I'm sure you will find something of use there.<!--content-->
Not sure this will help but if only the file needs to be password protected and not the link, you can use WinZip to protect the file.<!--content-->
<!--quoteo--><div class='quotetop'>QUOTE</div><div class='quotemain'><!--quotec-->BUT! you must have the password THEY have chosen for their document in order to be able to actually download it.<!--QuoteEnd--></div><!--QuoteEEnd--><br /><br />Since your are not asking to lock the FILE but lock access to the DOWNLOAD ability, why not use the WEBPROTECT option in cpanel? <br /><br /><b>For each person, create a folder. Use WebProtect to put a username/password combination on the folder. </b> All files in that FOLDER would have same password. Store docs for that person in that folder. Then from the web page, link to the file <!--coloro:#666666--><span style="color:#666666"><!--/coloro--> <a href="http://www.yoursite.com/webpage.htm" target="_blank">h**p://www.yoursite.com/webpage.htm</a> <!--colorc--></span><!--/colorc--> would link to: /samc1/file1.zip or /samc1/file2.doc or /joef1/file1.zip etc. To download/view the file, the assigned password would be required. <br /><br />You can lock the individual files with passwords if necessary using winzip as Thomas suggested.<br /><br />(For best protection, passwords need to be several digits, mix of uppercase/lowercase/numbers and maybe characters with NO words in the dictionary. 123catdog is not good but 1Ct3a2Dgo would be acceptable.)<!--content-->
Problem with password protected zips is you can still download them and you can bruteforce zip passwords at something like 2,000,000 passwords a minute.<br /><br />If you don't mind doing it by hand you could use .htpasswd for each file but you would have to create a new one for each user.<br /><br />The alternative would be PHP and MySQL. You need two database tables and a folder that is set to local access only for the files to go in. The first table being username and passwords. The second being filenames and username it's assigned to. You then make a PHP file that gets called for each download with the filename passed as a variable and then this php script asks for the username and password for that file. If correct username and password is supplied then PHP sends them that file otherwise no go.<br /><br />As complicated as it may sound the above method would be extremely simple to code for even someone with only basic PHP and MySQL knowledge.<br /><br />Actually since you only want to use a password you could get away with a single database table.<!--content-->
THANK YOU EVERYONE FOR YOUR ASSISTANCE SMILE<br /><br />Samrc you in particular. I figured it had to be a fairly simple solution. I am using the webprotect option as you suggested. It is exactly what I was looking for.<br /><br />Thanks again everyone your input was again greatly appreciated.<br /><br />Darnell<!--content-->
Glad it worked Darnell!<br /><br />JimE<!--content-->
Glad it worked out! <br /><br />We use this technique on our business site for our sales reps. Each has a different folder with their own stats and data. None can get into the others info. One thing we made sure to do...the user name did not follow the same pattern. For some of the reps, the user name is an email address, for others it is a phrase (nospaces), yet others it is a place, etc. so even if you know the other person's email address or favorite password used on other sites, you still would have to guess at the user name! <img src="http://www.totalchoicehosting.com/forums/style_emoticons/default/biggrin.gif" style="vertical-align:middle" emoid="
" border="0" alt="biggrin.gif" /> Helps to keep people from entering where they don't belong!<!--content-->
Head on over to hotscripts.com. I'm sure you will find something of use there.<!--content-->
Not sure this will help but if only the file needs to be password protected and not the link, you can use WinZip to protect the file.<!--content-->
<!--quoteo--><div class='quotetop'>QUOTE</div><div class='quotemain'><!--quotec-->BUT! you must have the password THEY have chosen for their document in order to be able to actually download it.<!--QuoteEnd--></div><!--QuoteEEnd--><br /><br />Since your are not asking to lock the FILE but lock access to the DOWNLOAD ability, why not use the WEBPROTECT option in cpanel? <br /><br /><b>For each person, create a folder. Use WebProtect to put a username/password combination on the folder. </b> All files in that FOLDER would have same password. Store docs for that person in that folder. Then from the web page, link to the file <!--coloro:#666666--><span style="color:#666666"><!--/coloro--> <a href="http://www.yoursite.com/webpage.htm" target="_blank">h**p://www.yoursite.com/webpage.htm</a> <!--colorc--></span><!--/colorc--> would link to: /samc1/file1.zip or /samc1/file2.doc or /joef1/file1.zip etc. To download/view the file, the assigned password would be required. <br /><br />You can lock the individual files with passwords if necessary using winzip as Thomas suggested.<br /><br />(For best protection, passwords need to be several digits, mix of uppercase/lowercase/numbers and maybe characters with NO words in the dictionary. 123catdog is not good but 1Ct3a2Dgo would be acceptable.)<!--content-->
Problem with password protected zips is you can still download them and you can bruteforce zip passwords at something like 2,000,000 passwords a minute.<br /><br />If you don't mind doing it by hand you could use .htpasswd for each file but you would have to create a new one for each user.<br /><br />The alternative would be PHP and MySQL. You need two database tables and a folder that is set to local access only for the files to go in. The first table being username and passwords. The second being filenames and username it's assigned to. You then make a PHP file that gets called for each download with the filename passed as a variable and then this php script asks for the username and password for that file. If correct username and password is supplied then PHP sends them that file otherwise no go.<br /><br />As complicated as it may sound the above method would be extremely simple to code for even someone with only basic PHP and MySQL knowledge.<br /><br />Actually since you only want to use a password you could get away with a single database table.<!--content-->
THANK YOU EVERYONE FOR YOUR ASSISTANCE SMILE<br /><br />Samrc you in particular. I figured it had to be a fairly simple solution. I am using the webprotect option as you suggested. It is exactly what I was looking for.<br /><br />Thanks again everyone your input was again greatly appreciated.<br /><br />Darnell<!--content-->
Glad it worked Darnell!<br /><br />JimE<!--content-->
Glad it worked out! <br /><br />We use this technique on our business site for our sales reps. Each has a different folder with their own stats and data. None can get into the others info. One thing we made sure to do...the user name did not follow the same pattern. For some of the reps, the user name is an email address, for others it is a phrase (nospaces), yet others it is a place, etc. so even if you know the other person's email address or favorite password used on other sites, you still would have to guess at the user name! <img src="http://www.totalchoicehosting.com/forums/style_emoticons/default/biggrin.gif" style="vertical-align:middle" emoid="
" border="0" alt="biggrin.gif" /> Helps to keep people from entering where they don't belong!<!--content-->