How do you protect folders so that only certain user groups can access them.
i have a login system which assigns usernames to certain groups (admin, member plus, member and guest) and i want to only allow the groups to download certain files. so far im doing this by puting the files in different folders (admin/member plus/ member/ guest) but there is nothing stopping someone from downloading a file if they knnow the link to the file.
My First question is : is there a way to give the groups access to certain files like put them in a passworded folder then link the individual files through mysql that has a allowed user group row.
My secong question is: I’m using Sha512 hash on the password along with two salts (one stored in mysql and one in the PHP login script), a recaptura box, mysql injection pretection (magic slashes and Limit 1). Would whirlpool be abetter hash algorithm and can i add any more security.
