Upload forms on Webpages

[jlwmanagement]

Hello fellow techies!,

I have a small dilemma. I need to have upload capabilities for my website, which was easily accomplished by a small php script. The problem lies in the finer points. I need these files to be secure as they are sensitive and I need my clients to be able to access only certain files (user/pass perhaps?). For instance I need user1 to only access files A,B, and C. And user 2 needs access to files B,C and D. What is the easiest way to accomplish this?
Thanks in advance!

[Redcore]

The most secure way to do it is with uploading to a DATABASE. I wrote a tutorial on this forum here:

TUTORIAL: Upload Files To Database

Access to the files REALLY depends on why your users are allowed to see certain files and not others, but as short and sweet as I can put it here...you'll need a table for FILES and a table for USERS.

How you decide to give users access to a particular file can be done in many ways. It depends on how your site functions. If you just have a small site with a small amount of users, you might give the FILES table a field named "allowed_users" or something and store an array of users you manually add through a small backend PHP script. If you have packages or something where a lot of similar users are going to have the access to the same files (like if they bought product 1) another way is to add a USERGROUP field that you could store the array of files that usergroup has access to, and then assign users to the proper usergroup.

If you're not really looking for a dynamic site such as this, you could always just move files to password protected folders and email the passwords to the people who should have them.

As you can see, it can be as simple or as dynamic as you want it. Creating a very dynamic site will take some more time initially but then it's a lot easier to manage and vice versa. You might have been looking for a simple A & B answer, but with file management like this you're playing in a bigger sandbox :P