my sql 5.5
I created a PHP web application and I have a web page that allows users to upload word, pdf, and excel files. Once the file is uploaded a confirmation page displays saying the file has been uploaded. Problem: even though the url is encrypted a person can take the link and send it to a individual that does not have permission to the application We created a session cookie for each logged in user but we are unable to protect the folder at the application level.
Please share suggestions or examples about different ways to protect a folder from the public. The only people that should have access are the users stored in user db table. I am having trouble finding solutions.