Jump to content

hiding files

acidglitter

By acidglitter
in PHP Coding Help

 Share

Recommended Posts

acidglitter Advanced Member

acidglitter

Posted
Posted

for the place i'm working for, i'm making an online store. and after you buy the product you can download the zip file with everything in it. whats a good way i can hide all of the zip files? because i don't want someone to find the folder they're saved in and just download everything for free

Link to comment
Share on other sites
BlueSkyIS Newbie

BlueSkyIS

Posted
Posted

Why not just send them in email?

 

file size, for one.

 

i would assign a unique value to the buyer's record and include that in a link to download. then, if the value is correct, use file() or passthrough() to send the file to the browser.

Link to comment
Share on other sites
radar Regular Member

radar

Posted
Posted

Well what i've done in the past, is store the files in a weird place, blocked by an index.html file that resembled my 404 error page.

 

Then when they purchase it, the script copies the file to another place, with a unique name for that purchase...  also inputs it in the database...  and then I setup a cron job to query the database daily, and delete all the files that are 24 hours old.

 

That did the trick for me in the past.

Link to comment
Share on other sites
acidglitter Advanced Member

acidglitter

Posted
  • Author
Posted

that sounds like a really good idea, except for some of the files might be 50 mb. so it would take too long to copy them each time someone buys something. i tried looking up passthru() but i can't figure it out at all. could you post any small examples of how i could use it to download a zip file?

Link to comment
Share on other sites
acidglitter Advanced Member

acidglitter

Posted
  • Author
Posted

why not .htaccess the folder to eliminate direct access?

 

 

direct access of just the folder, or every file? and if every file, how can you download a file?

 

 

 

what about ,giving a link in an email to something like

?itemnumber=&userid=

and then have a get on the page, setting a session then if the session is there, let them download it??

 

i would also add a random number to the link , so that they can only use it once

 

the problem i'm having is i can't figure out how to download a file without just going to the files address

 

 

You can use a force download script, which also serves the purpose of hiding the file location.

 

http://w-shadow.com/blog/2007/08/12/how-to-force-file-download-with-php/

 

 

thanks for the link. it almost works. except it somehow only downloads the zip and not whats in it

Link to comment
Share on other sites
  • 2 weeks later...
acidglitter Advanced Member

acidglitter

Posted
  • Author
Posted

okay i found one that works. :)

everything seems to be working now. i tried clicking the download link that downloads the file with php and it worked. and i tried going to the file directly and i can't without a password (and the password doesn't exist). does that sound like enough? or is there still a way around that?

Link to comment
Share on other sites
discomatt Member

discomatt

Posted
Posted

I'm working on a script that will grab large files from a folder outside of web root, zip (without compression) and serve them on the fly using minimal server memory.

 

It uses a flatfile or mysql database to store crc32 checksums of files (the only slow part at the moment, but only has to be loaded once per file, so it can be eliminated by pre-hashing the checksum)

 

It's almost complete, just needs a little more error checking and debugging... if you're interested in it send me a PM and I'll let you know when it's finished.

 

This script is completely useless if you only need to serve 1 file at a time though... it's more meant for serving several random files dynamically

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.