Hello, I am creating a PHP application and I'm having a bit of trouble finding a solution for a problem I'm having. I need to somehow completely deny access to anyone trying to access files on a web server (likely by returning a 403 Forbidden error or something) via HTTP unless a certain condition is true, such condition would be checked on a per-connection basis. I need to find the best way to do this, I'm guessing I need to set some special settings in Apache that I can modify with PHP, but these Apache settings much obviously be configurable via PHP. As you can guess, I can write PHP well but have little experience with advanced Apache configurations.
I was thinking on that maybe if I used chmod via PHP to change the file's permissions for a validated user and have them change back when the connection is closed it would work, but if there are concurrent connections then the users connecting afterwords would have full access regardless of whether or not they are valid, the could actually just bypass the validation. Maybe there is a better way to do it like this however.
Thanks very much for the help!