I am trying to figure out how to use this in a wordpress environment:
From: Block direct url access but allow download
1st: .htaccess(in uploads folder)
Order Deny,Allow
Deny from all
2nd: (in wp-content folder "thePHPfile.php")
if( !empty( $_GET['name'] ) )
{
//if( is_user_logged_in() )
//{
$file_name = preg_replace( '#[^-\w]#', '', $_GET['name'] );
$the_file = "{$_SERVER['DOCUMENT_ROOT']}/wp-content/uploads/2013/05/oprotunity.jpg";
//$the_file = "{$_SERVER['DOCUMENT_ROOT']}/wp-content/uploads/2013/05/{$file_name}.jpg";
if( file_exists( $the_file ) )
{
header( 'Cache-Control: public' );
header( 'Content-Description: File Transfer' );
header( "Content-Disposition: attachment; filename={$the_file}" );
header( 'Content-Type: image/jpeg' );
header( 'Content-Transfer-Encoding: binary' );
readfile( $the_file );
exit;
}
//}
}
If I comment out the is_user_logged_in statement it works like a charm. I would like to add some conditional statements so I can serve the file to a role or even specific users by id or name. I can to the leg work but I am not sure how to get the needed functions from WordPress.
in the src area I put (wp-content directory)/thePHPfile.php?name=my-image-name
How do I use wordpress functions in the file?
In order to call Wordpress functions from an arbitrary script you'll need to include the Wordpress "start". This is not index.php. The file you need to include is wp-blog-header.php from your wordpress root directory. Once this is loaded, it will give you access to all the Wordpress functions.