Creating Download Links
Posted 06 August 2006 - 04:42 PM
I have created a user system by which I force visitors to login to download anything from my server. But the thing is, I'm still not sure how I should secure download thing. I think about referrers (which I'm not very sure how to use them, I appreciate some help) then without the right referrer no one can download it. But what if the user learns the complete link! Then he will be able to download it. How can I prevent it? With an .htacces I think I can prevent people from downloading directly from the link but I'm not very sure about that. And let's say the referrer was good enough and he started to download. He uses a program like flashget and he want to resume his download. How can I handle this problem as the second time he will open the flashget referrer can be broken or old or whatever or the flashget deals it for me?
Thank you for your time
Posted 06 August 2006 - 04:49 PM
Store in database so then you only pull data when user logged in.. therefore no-one that hasn't got the user session set can access the download and no direct link.
You can do simular by storing all files outside of the web root and then read the file and headers intoa page upon a users session being set and work very simular to the database.
Posted 07 August 2006 - 07:57 AM
The code in generate_url.php, of course has to be protected, too. The easiest way of doing that is probably to include it in the "thank-you-for-ordering-page" of your orderflow and make this file accessible only for clients coming from the secure-payment-complete-page
I do not know how I can check which page the client is coming from. Could you give me a link that explains this or an article abou this.
Thank you for your time.
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users