how to protect a file from regular URL Access
Hi there, my head is spinning from this logical problem
ok, here is the problem, I require a user to be logged into website, then they can get a link which points to a file (the admin has recently uploaded (its a pdf document). ok thats simple right....well "what if" another user knows the filename of that document and also knows the website address where that file would be uploaded to. this means they they would not need to be logged into the website. they can simple go directly to that file..this ia really important to me that i can stop this type of access..
obviously cannot do theis using file permissions of folders in FTP client because that means the link i provide on ther website will also not be able to access the same file.
I have thought about .htaccess but i dont know what to change in that file. I thought about "masking" the filename or directory name but having no success with that at the moment. if the solution is .htaccess then not sure if the bottom of the browser would still display the true link.
also it is documented that i upload files off the website root. however how cna i do this? I am using a shared hosting. so how could i access off the site root?