• 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
restrict access to files

#3
[eluser]JoostV[/eluser]
You could of course create pdf invoices on-the-fly. But if you wish to store the invoices on your file system this is what you could do:
1. Store pdf outside of webroot so it cannot be accessed.
2. Create controller that checks for login and forces download of the file.

Controller function 'open'
Code:
function open ()
{
    // Check if user is logged in
    $this->load->library('yourauthlibrary');
    if ($this->yourauthlibrary->checkAuth()) {
        redirect('login', 'refresh');
    }
    
    // Retrieve invoice filename, file ID is passed in URI
    // The model needs to return false if this is another user's invoice!
    $this->load->model('yourinvoicesmodel');
    $filename = $this->yourinvoicesmodel->fetchInvoice($this->uri->segment(3));
    
    // No data found, show error
    if (! $filename) {
        show_error('The invoice you were looking for could not be found.');
    }
    
    // Set filepath
    $filepath = '/PATH/TO/INVOICES/FOLDER/' . $filename;
    
    // Force download
    if (file_exists($filepath)) {
        
        // Use download helper to force download
        $this->load->helper('download');
        
        // Read file as string
        $data = file_get_contents($filepath);
        
        // Force download
        force_download($filename, $data);
    }
    else {
        
        // File does not exist
        show_error('The invoice you were looking for does not exist.');
    }
}


Messages In This Thread
restrict access to files - by El Forum - 07-07-2009, 03:39 AM
restrict access to files - by El Forum - 07-07-2009, 03:46 AM
restrict access to files - by El Forum - 07-07-2009, 04:18 AM
restrict access to files - by El Forum - 07-07-2009, 05:55 AM

Digg   Delicious   Reddit   Facebook   Twitter   StumbleUpon  


  Theme © 2014 iAndrew  
Powered By MyBB, © 2002-2021 MyBB Group.