Chances are your webserver provides Basic Authentication, or better yet Digest authentication (chances are your user's browsers don't, unless they're using IE 5+ or are Mozilla/Konqueror-lovin' geeks).

If you protect access to those directories (using .htacces w/Apache or whatever your webserver's equivalent is), you can simply put the files underneath the webserver's document root and make sure only those who know the password get to see them.

Without more information, I can't say much more along these lines that will help you.

HTH

perl -e 'print "How sweet does a rose smell? "; chomp ($n = <STDIN>); 
+$rose = "smells sweet to degree $n"; *other_name = *rose; print "$oth
+er_name\n"'
[download]