Redirecting to login page

I have a download folder.

So is it possible to redirect a user to a login page when he/she tries t开发者_JS百科o download any of the files from the download folder.

I have heard this can be achieved using .htaccess, but I can't find a good tutorial.

htaccess will be activated before the PHP engine. Hence you can't use this system when you need to check if a user is logged in or not.
The way to do this is to send only logged in users to a page containing a file list for download, and when pressing the link PHP will do the actual downloading of the file to the client, using the right headers.

Example from php.net

// We'll be outputting a PDF
header('Content-type: application/pdf');

// It will be called downloaded.pdf
header('Content-Disposition: attachment; filename="downloaded.pdf"');

// The PDF source is in original.pdf
readfile('original.pdf');

The actual files you should put outside the public folders, so no danger of users surfing directly to them.

To add to the Itay's answer, you have to deny direct access to these files anyway. It can be done by

Deny from all

line in the .htaccess file,
But I'd rather place these files in a directory above document root.