Jump to content

Creating Download Links


radalin

Recommended Posts

Hi,
I have created a user system by which I force visitors to login to download anything from my server. But the thing is, I'm still not sure how I should secure download thing. I think about referrers (which I'm not very sure how to use them, I appreciate some help) then without the right referrer no one can download it. But what if the user learns the complete link! Then he will be able to download it. How can I prevent it? With an .htacces I think I can prevent people from downloading directly from the link but I'm not very sure about that. And let's say the referrer was good enough and he started to download. He uses a program like flashget and he want to resume his download. How can I handle this problem as the second time he will open the flashget referrer can be broken or old or whatever or the flashget deals it for me?

Thank you for your time
Link to comment
Share on other sites

well there are a few ways..

Store in database so then you only pull data when user logged in.. therefore no-one that hasn't got the user session set can access the download and no direct link.

You can do simular by storing all files outside of the web root and then read the file and headers intoa page upon a users session being set and work very simular to the database.

Regards
Liam
Link to comment
Share on other sites

Thanks guys. That's what I have been looking for. But there is a thing that I didn't clearly get how I could do it. In the article it said:

[quote]
The code in generate_url.php, of course has to be protected, too. The easiest way of doing that is probably to include it in the "thank-you-for-ordering-page" of your orderflow and make this file accessible only for clients coming from the secure-payment-complete-page
[/quote]

I do not know how I can check which page the client is coming from. Could you give me a link that explains this or an article abou this.
Thank you for your time.
Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.