If the visitors to your site have their browser configured to handle Acrobat files then any PDFs that are called from links in a web page will be displayed in the web browser. If their browser can't handle PDFs then the file will be downloaded and opened in Adobe Reader or Adobe Acrobat if either of those is installed on the computer.
This is all well and good for PDFs that you want to allow anyone to download but what can we do if we have a member's only area on our site and we want to make sure that only people logged into the member's area can access the PDFs? The answer to this if you are using PHP to control the authentication for the member's area is to only offer access to the PDFs via PHP. The first step in doing this is to place the PDFs either above the root folder of your web site where your visitors can't access it or place it into a password protected folder where they wont be able to access anything directly without knowing what the userid and password are. We can then set up some PHP code that will authenticate that the person is already logged on to the member's area and if they are will retrieve the PDF from whereever we have put it (without needing to supply the logon id and password for any password protected folder) and then display it on the page.
Basically the authentication that you perform for this situation becomes identical with what you would do for any PHP page since that is what we are now processing so we will just look specifically at the part that retrieves and displays the PDF. Since the same situation will apply for any PDF files that you want to attach to your member's area we can set up just one PHP script and pass in the name of the pdf file that we want to display. I'll assume that you have received that field and put it into a field called $pdf. Here is the code that you will need to add after your login authentication code to get the PHP to display the PDF:
$path = 'pdfs/';
header('Content-Disposition: inline; filename="$path$pdf"');
header('Content-Length: ' . filesize($path$pdf));
The only thing you will need to change in this code is the first line where you set $path to be the rerlative or absolute path to the place where the PDFs can be found. Just don't forget the closing slash.
The rest of the code consists of the necessary headers that need to be sent to the browser so that it knows that it is meant to be displaying a PDF (in the browser if possible) with the filal line sending the PDF itself.
The important points to remember with using this is that all of your authentication code for allowing access to the file is identical with that you are using on your PHP pages because this is a PHP page, PHP can read files located above the root folder or from password protected folders simply by specifying the appropriate path, and PHP doesn't need to know the password in order to read from password protected folders.
This article written by Stephen Chapman, Felgall Pty Ltd.