Hi SaranacLake,
Here is an idea you.
But first I want to tell you that, while I have written quite a bit of PHP code, I do NOT consider myself a PHP expert. On the other hand there are many individuals on this site who ARE experts.
I have written and offered content articles and books for quite a few years (15+). Mostly I used clickbank to accomplish the transaction. then the user would be routed to a DL page. Problem I ran into, again and again was that people would get the PDF book, then immediately ask clickbank for a refund - and get it.
So I switched to print-on-demand paperbacks.
Anyway, how about after the customer pays for a book, you generate a random number, and give it to them as a password for the your DL page. You can activate that PW behind the scenes and time-limit it so 2 hours later it does not work.
Would something like that work?
Also ......
You keep saying "security". Are you concerned that someone gets FTP access to your site and can DL anything?
Hope that never happens.
Best,
xphp