Question
I have a joomla site. And have some pdf files into the root of the website.
Is there a way to protect the DIRECT ACCESS to the pdf's for the GUESTS(public) users.. and allow for REGISTERED users?
I tried with htaccess(deny) but registered users can't view the pdf directly too.. Searched but didn't find nothing about this.. PLEASE can somebody help.
Thank you
Solution
You must use document management plug-in if you wont want to write your own php codes.SO, DOCman is a powerful document management solution for Joomla. You can check it from following link.
http://extensions.joomla.org/extensions/directory-a-documentation/downloads/10958
OTHER TIPS
Create a file called download.php
Add the following code to download.php file enclose with php tag
https://stackoverflow.com/questions/22771822
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
Russiandefine('_JEXEC', 1);
define('DS', DIRECTORY_SEPARATOR);
if (file_exists(dirname(__FILE__) . '/defines.php')) {
include_once dirname(__FILE__) . '/defines.php';
}
if (!defined('_JDEFINES')) {
define('JPATH_BASE', dirname(__FILE__));
require_once JPATH_BASE.'/includes/defines.php';
}
require_once JPATH_BASE.'/includes/framework.php';
// Mark afterLoad in the profiler.
JDEBUG ? $_PROFILER->mark('afterLoad') : null;
// Instantiate the application.
$app = JFactory::getApplication('site');
// Initialise the application.
$app->initialise();
$user = JFactory::getUser();
$getfile = JRequest::getVar('file',null,'get','string');
if($getfile){
if($user->get('id') == 0){
die('permission denied');
}
$link = "/files/".$getfile.".pdf"; // Locate the pdf file
$file = JPATH_SITE.$link;
header("Content-Type: application/octet-stream");
$filename = $getfile.'.pdf';
header("Content-Disposition: attachment; filename=".urlencode($filename));
header("Content-Type: application/force-download");
header("Content-Type: application/octet-stream");
header("Content-Type: application/download");
header("Content-Description: File Transfer");
header("Content-Length: " . filesize($file));
flush(); // this doesn't really matter.
$fp = fopen($file, "r");
while (!feof($fp))
{
echo fread($fp, 65536);
flush(); // this is essential for large downloads
}
fclose($fp);
}
$app->close();
URL example :- www.example.com/download.php?file=filename
And make sure you have change the $link variable as you need.
In .htacess file you have to add the following code
deny from all
And it should be located under the invoice folder where the pdf files is located.
If you use deny from all then file do not have download access for the particular directory where the htacess file is located.
To allow download access for registered user the below controller has to be called instead of direct file path url.
URL example :- www.example.com/index.php?option=com_temp&task=temp.downloadmypdf&file=filename
public function downloadmypdf(){
$user = JFactory::getUser();
$getfile = JRequest::getVar('file');
if($user->get('id') == 0){
die('permission denied');
}
$link = "/invoice/".$getfile.".pdf";
$file = JPATH_SITE.$link;
header("Content-Type: application/octet-stream");
$filename = $getfile.'.pdf';
header("Content-Disposition: attachment; filename=".urlencode($filename));
header("Content-Type: application/force-download");
header("Content-Type: application/octet-stream");
header("Content-Type: application/download");
header("Content-Description: File Transfer");
header("Content-Length: " . filesize($file));
flush(); // this doesn't really matter.
$fp = fopen($file, "r");
while (!feof($fp))
{
echo fread($fp, 65536);
flush(); // this is essential for large downloads
}
fclose($fp);
JFactory::getApplication()->close();
}
Credits goes to Ashlin rejo.
