Hi there,
I would be interested in doing this job, but I would need more clarifications:
What kind of security?
Just restricting access to the pdf directory? Do they have a way to reassure that only privileged users can access a pdf?
The privileged user, is he supposed to be able to browse all files there or just one?
Why not send the pdf as attachment via email?
I would need to know if pdf files are generated on the fly when user clicks a link (might restrict access with an access code sent via email) or they are just stored there all the time?