I seem to have terrific luck when Googling answers for other people but never when trying to find something for myself.

I've got to create a download link so that the served file is only presented to specific people. I've already got access control in place whereby I can restrict visitors based on userID entries in a database, bt now I need to be able to serve them a file without having a static path to that file. Otherwise that path can be copied and pasted anywhere for anyone to download the same file.

I'm thinking I can put the file outside the path of the normal web hierarchy and then serve it up directly from a PHP landing page that can only be gotten to with the access control (user ID) mechanism I mentiond above. That should mean it's impossible to distribute a link directly to the file (no one would know where the file was stored) and a link to the landing page would only prompt for user ID credentials again.

Does anyone have any tips for generating this dynamic download?

There are other ways to accomplish this type of thing such as creating entries in an .htaccess file in the same path as the download file, but that can get pretty hairy pretty fast when dealing with a lot of users (about 5000) unless entries were periodically trimmed.

Anyway, I'm all ears...