I've Content management systems having a script that's performed for every file that's utilized within the folder /files.

I have set this track of a RewriteRule in /files/.htaccess

RewriteRule ^(.*) ../file_tracker?path=/$1

There a couple of things the file_tracker.php script must do:

  • Monitoring: have a log of the number of occasions personal files was utilized so when it had been last utilized.
  • Authorization: for example files in /files/secure need a login-session.

If you have a script such as this, you must do a lot more, for example:

  • Return a 404 status code when the file does not exist - takes a file_exists check
  • Output the right MIME-type headers - this can be a nightmare in PHP should you allow any filetype to become offered
  • Output sensible caching headers - custom E-tags?

I would like this script to become as quickly as possible because some pages have lots of files, a 100ms overhead has already been an excessive amount of. At this time I am considering an easy log to complete the monitoring, having a scheduled task that is going to do the majority updates. Authorization could be more resource intensive however i guess I can not avoid that. The final part I must have Apache do, because it appears to be really proficient at it: correct headers, E-tags for caching, and all sorts of that fanciness.

I am confident I can not be the sole one with this particular problem. Any suggestions?


Upd: I've no code to exhibit because there's no relevant code. The items I possibly could implement are extremely trivial it isn't even worth posting. It is really an advance subject. 'use header()' isn't the type of suggestions I am searching for.


X-Sendfile will be the perfect solution, but it is not enabled automatically of all hosts, and so i can't depend onto it.

I guess this just boils lower to gain access to signing in PHP. The authorization is really a different problem altogether. I'll close this making a brand new one.