ritso - Thomas Pf�fflin wrote: > how can i authenticate the download of binary files (eg. zip or pdf) > against the users rights in turbine? > > Authentication in screens and actions is not a problem and already done, > but what have i to do, to > ensure that only logged in users can download the binary files. Where > must i pace these files, and > where can i do the check?
Put the File outside of your Webroot. Write a download Action which validates user. If he has access, read the file from disc and pipe it into the output. You probably need to set the encoding type to octet something. Thats how i would do it in PHP *g* Must be simular here. -- Michael Kunze http://www.smrealms.de
signature.asc
Description: OpenPGP digital signature
