Secure pages and pdfs

[marynorn]

Normally, when adding a password-protected area to a website, I use .htaccess and .htpasswd, which I code in Notepad. However, I now have a user portal which will have upwards of 2,000 members. There will be a database with a tabl_users table holding all the log in details, pages will have 'restrict access to page' server behavious, blah blah blah, etc.

BUT

Some of those restricted pages are PDFs. And I can't add 'restrict access to page' server behaviours to PDFs. So I'm going to have to restrict the whole pdf directory, and I haven't the faintest idea how to do it, other than manually coding 2,000 usernames and passwords into an .htpasswd file.

I know there has to be a quick and easy way to do this, I've just never had to before.

HELP!

[djr33]

You could simply place all of the files in a directory that doesn't allow any access (either set this with CHMOD or just put it above your public_html directory).
Then you can check their login/password/etc with PHP, and if it verifies, output the file, using header('Content-type: application/pdf'); readfile('../mydir/myfile.pdf'); (untested/maybe incomplete, but a good start)