I am trying to figure out how to use this in a wordpress environment:
From: Block direct url access but allow download
1st: .htaccess(in uploads folder)
Order Deny,Allow
Deny from all
2nd: (in wp-content folder "thePHPfile.php")
if( !empty( $_GET['name'] ) )
{
//if( is_user_logged_in() )
//{
$file_name = preg_replace( '#[^-\w]#', '', $_GET['name'] );
$the_file = "{$_SERVER['DOCUMENT_ROOT']}/wp-content/uploads/2013/05/oprotunity.jpg";
//$the_file = "{$_SERVER['DOCUMENT_ROOT']}/wp-content/uploads/2013/05/{$file_name}.jpg";
if( file_exists( $the_file ) )
{
header( 'Cache-Control: public' );
header( 'Content-Description: File Transfer' );
header( "Content-Disposition: attachment; filename={$the_file}" );
header( 'Content-Type: image/jpeg' );
header( 'Content-Transfer-Encoding: binary' );
readfile( $the_file );
exit;
}
//}
}
If I comment out the is_user_logged_in statement it works like a charm. I would like to add some conditional statements so I can serve the file to a role or even specific users by id or name. I can to the leg work but I am not sure how to get the needed functions from WordPress.
in the src area I put (wp-content directory)/thePHPfile.php?name=my-image-name
How do I use wordpress functions in the file?
