Got stuck on something. I added a verification for each request to PDFs in a specific folder. I've use .htaccess with prepend.php. It is on a Joomla website.
The goal is to allow subscribed member to see different PDFs in the folder, but reject the non-subscribed and visitor.
.htaccess
# set .pdf extension to be PHP
AddType php5-script .pdf
# match the .pdf extension
<FilesMatch "\.pdf$">
# set the prepend file setting
php_value auto_prepend_file "prepend.php"
</FilesMatch>
prepend.php
<?php
// Loading Joomla User core Files
define( '_JEXEC', 1 );
define('JPATH_BASE', '../');
require_once ( '../includes/defines.php' );
require_once ( '../includes/framework.php' );
// Create the Application
$app = JFactory::getApplication('site');
// Error Message : Please Log-in
$error = 'Veuillez vous connecter.';
// Check wether Joomla User is logged-in
$user = JFactory::getUser();
// Define user id
$ClientUserId = $user->id;
// Connect to databases
$link = mysqli_connect("localhost", "dbuser", "dbpsw", "dbname");
// Search for Account type
if($ClientUserId != 0) {
$resultabo = mysqli_query($link, "SELECT * FROM tablename WHERE user_id='$ClientUserId' ORDER BY id DESC LIMIT 1");
} else die($error);
// Controling wether the user is logged-in in a subscribed account
while($row = $resultabo->fetch_assoc()) {
$abo = $row["account_id"];
if($abo > 1 AND $abo < 7 ) {
// Note : All $abo between 6 and 7 are "subscribed"
// Sending headers to subscribed user
header("Content-Disposition", "inline; filename=myfilename.pdf");
header('Content-type: application/pdf');
readfile($_SERVER['SCRIPT_FILENAME']); // serve the requested file
exit(0);
} elseif ($abo == 1) {
// Note : 1 is a registered member but not subscribed
// echo message : Your account is not subscribed to our website, please go on WebsiteName to subscribe.
echo "";
} else {
// echo message : You encountered an error during your request. Please reload the page or log-in once again.
echo '';
}
}
// If nothing is triggered, die.
die()
?>
<!DOCTYPE html>
<html>
<body style="background-color: white;">
</body>
</html>
Problem is : Prepend file does not get read first so I'm stuck with this. Second Problem : I remember I found a way to read the prepend.php file, but the verification didn't work.
The only way I could get this work was on my local website and with different code :
.htaccess (local)
# Adding PDF compatibility to check
AddHandler php5-script .pdf
AddType application/x-httpd-php .html .htm
#Path of the directory where are stored the PDFs
php_value include_path "./journal/"
#Check wether or not user is logged-in & show pdf if logged-in
php_value auto_prepend_file "prepend.php"
prepend.php (local)
<?php
/* Loading Joomla User core Files */
define( '_JEXEC', 1 );
define('JPATH_BASE', '../');
require_once ( JPATH_BASE .'/includes/defines.php' );
require_once ( JPATH_BASE .'/includes/framework.php' );
/* Create the Application */
$app = JFactory::getApplication('site');
$error = "Une erreur est survenue";
/* Check wether Joomla User is logged-in */
$user = JFactory::getUser();
/* Define user id */
$ClientUserId = $user->id;
/* Connect to databases */
$link = mysqli_connect("localhost", "root", "", "dbname");
/* Search for Account type */
$resultabo = mysqli_query($link, "SELECT * FROM tablename WHERE user_id='$ClientUserId' ORDER BY id DESC LIMIT 1");
while($row = $resultabo->fetch_assoc()) {
$abo = $row["account_id"];
$error = "Une erreur s'est produite. Veuillez rafraƮchir la page.";
if ($abo == 1) die();
else if($abo == 2) {
header("Content-Disposition", "inline; filename=myfilename.myextension");
header('Content-type: application/pdf');
readfile($_SERVER['SCRIPT_FILENAME']); // serve the requested file
exit(0);
}
else die();
}
die();
/* Old Method */
#if ($user->guest) die();
#else {
# }
/* Sending back pdf */
?>
<html><body bgcolor="#FFFFFF"></body></html>
Thanks