php restrict access to files in directory

Question

I am trying to restrict direct access to files in a directory. So for example i have website.com/files/example.flv.

So if users go straight to the file in the URL,

Answer 1

Yes. You'd have to place the files in a directory that's not accessible through the web. Then, you'd have to create a .htaccess file in your public_html/files/ folder, which points to your php script.

Something like this (note: code not tested):

Structure:

• root/
  • realfiles/
  • public_html/
    • files/
      • .htaccess
    • filehandler.php

.htaccess:

RewriteEngine on
RewriteRule ^/files/(.+)$ filehandler.php?stuff=$1 [QSA]

filehandler.php:

header('Location: /');

Of course you'd want the files to be accessible when you want them to access them. This can be done in filehandler.php, by checking if the user is allowed to view the file, and then returning something like:

header('Content-type: application/octet-stream');
header('Content-Disposition: inline; filename="'.basename(urlencode($file['name'])).'"');
readfile($dir.basename($file['filename']));
exit;