acidglitter Posted May 8, 2008 Share Posted May 8, 2008 for the place i'm working for, i'm making an online store. and after you buy the product you can download the zip file with everything in it. whats a good way i can hide all of the zip files? because i don't want someone to find the folder they're saved in and just download everything for free Quote Link to comment https://forums.phpfreaks.com/topic/104771-hiding-files/ Share on other sites More sharing options...
Cory94bailly Posted May 8, 2008 Share Posted May 8, 2008 Why not just send them in email? And for that.. I would say put a password? Quote Link to comment https://forums.phpfreaks.com/topic/104771-hiding-files/#findComment-536356 Share on other sites More sharing options...
BlueSkyIS Posted May 8, 2008 Share Posted May 8, 2008 Why not just send them in email? file size, for one. i would assign a unique value to the buyer's record and include that in a link to download. then, if the value is correct, use file() or passthrough() to send the file to the browser. Quote Link to comment https://forums.phpfreaks.com/topic/104771-hiding-files/#findComment-536386 Share on other sites More sharing options...
radar Posted May 8, 2008 Share Posted May 8, 2008 Well what i've done in the past, is store the files in a weird place, blocked by an index.html file that resembled my 404 error page. Then when they purchase it, the script copies the file to another place, with a unique name for that purchase... also inputs it in the database... and then I setup a cron job to query the database daily, and delete all the files that are 24 hours old. That did the trick for me in the past. Quote Link to comment https://forums.phpfreaks.com/topic/104771-hiding-files/#findComment-536390 Share on other sites More sharing options...
BlueSkyIS Posted May 8, 2008 Share Posted May 8, 2008 also a good idea. Quote Link to comment https://forums.phpfreaks.com/topic/104771-hiding-files/#findComment-536394 Share on other sites More sharing options...
acidglitter Posted May 13, 2008 Author Share Posted May 13, 2008 that sounds like a really good idea, except for some of the files might be 50 mb. so it would take too long to copy them each time someone buys something. i tried looking up passthru() but i can't figure it out at all. could you post any small examples of how i could use it to download a zip file? Quote Link to comment https://forums.phpfreaks.com/topic/104771-hiding-files/#findComment-540392 Share on other sites More sharing options...
severndigital Posted May 14, 2008 Share Posted May 14, 2008 why not .htaccess the folder to eliminate direct access? Quote Link to comment https://forums.phpfreaks.com/topic/104771-hiding-files/#findComment-540529 Share on other sites More sharing options...
DeanWhitehouse Posted May 14, 2008 Share Posted May 14, 2008 what about ,giving a link in an email to something like ?itemnumber=&userid= and then have a get on the page, setting a session then if the session is there, let them download it?? i would also add a random number to the link , so that they can only use it once Quote Link to comment https://forums.phpfreaks.com/topic/104771-hiding-files/#findComment-540555 Share on other sites More sharing options...
haku Posted May 14, 2008 Share Posted May 14, 2008 You can use a force download script, which also serves the purpose of hiding the file location. http://w-shadow.com/blog/2007/08/12/how-to-force-file-download-with-php/ Quote Link to comment https://forums.phpfreaks.com/topic/104771-hiding-files/#findComment-540576 Share on other sites More sharing options...
acidglitter Posted May 15, 2008 Author Share Posted May 15, 2008 why not .htaccess the folder to eliminate direct access? direct access of just the folder, or every file? and if every file, how can you download a file? what about ,giving a link in an email to something like ?itemnumber=&userid= and then have a get on the page, setting a session then if the session is there, let them download it?? i would also add a random number to the link , so that they can only use it once the problem i'm having is i can't figure out how to download a file without just going to the files address You can use a force download script, which also serves the purpose of hiding the file location. http://w-shadow.com/blog/2007/08/12/how-to-force-file-download-with-php/ thanks for the link. it almost works. except it somehow only downloads the zip and not whats in it Quote Link to comment https://forums.phpfreaks.com/topic/104771-hiding-files/#findComment-542351 Share on other sites More sharing options...
DeanWhitehouse Posted May 15, 2008 Share Posted May 15, 2008 what about , having the file with a dodgy extension like .jpgi and then on the downlaod page, use preg replace and delete the i ??? Quote Link to comment https://forums.phpfreaks.com/topic/104771-hiding-files/#findComment-542408 Share on other sites More sharing options...
DarkWater Posted May 15, 2008 Share Posted May 15, 2008 .htaccess would not allow access through a browser, but PHP could still get the file. Quote Link to comment https://forums.phpfreaks.com/topic/104771-hiding-files/#findComment-542417 Share on other sites More sharing options...
acidglitter Posted May 27, 2008 Author Share Posted May 27, 2008 thanks for all of the replies. i think my only issue now is i want to be able to put a link that says download, and when you click it that box pops up asking to save the file. can someone post an example of what php code would load the file like that? Quote Link to comment https://forums.phpfreaks.com/topic/104771-hiding-files/#findComment-551175 Share on other sites More sharing options...
haku Posted May 27, 2008 Share Posted May 27, 2008 The link I posted earlier does that for you. Or you can google a different one. You want a 'force download' script. Quote Link to comment https://forums.phpfreaks.com/topic/104771-hiding-files/#findComment-551234 Share on other sites More sharing options...
acidglitter Posted June 2, 2008 Author Share Posted June 2, 2008 okay i found one that works. everything seems to be working now. i tried clicking the download link that downloads the file with php and it worked. and i tried going to the file directly and i can't without a password (and the password doesn't exist). does that sound like enough? or is there still a way around that? Quote Link to comment https://forums.phpfreaks.com/topic/104771-hiding-files/#findComment-556083 Share on other sites More sharing options...
discomatt Posted June 2, 2008 Share Posted June 2, 2008 I'm working on a script that will grab large files from a folder outside of web root, zip (without compression) and serve them on the fly using minimal server memory. It uses a flatfile or mysql database to store crc32 checksums of files (the only slow part at the moment, but only has to be loaded once per file, so it can be eliminated by pre-hashing the checksum) It's almost complete, just needs a little more error checking and debugging... if you're interested in it send me a PM and I'll let you know when it's finished. This script is completely useless if you only need to serve 1 file at a time though... it's more meant for serving several random files dynamically Quote Link to comment https://forums.phpfreaks.com/topic/104771-hiding-files/#findComment-556086 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.