I've built a tiny, crappy little file manager where an admin can create a folder, upload files to that folder, and assign a username and password to the folder (php/mysql not htaccess).
To prevent direct browsing access to the folders I've bunged an .htaccess file in the admin-created folders' parent folder, which denies all, but allows localhost access so the PHP script which returns the contents of the folders as links can run.
All fine and dandy, but a user can't view/save the files as it isn't a localhost operation. Seems to me that this would be quite a common issue, but I've yet to find an answer on other forums.
Any ideas?
To prevent direct browsing access to the folders I've bunged an .htaccess file in the admin-created folders' parent folder, which denies all, but allows localhost access so the PHP script which returns the contents of the folders as links can run.
All fine and dandy, but a user can't view/save the files as it isn't a localhost operation. Seems to me that this would be quite a common issue, but I've yet to find an answer on other forums.
Any ideas?