spires Posted August 16, 2006 Share Posted August 16, 2006 Hi, I have created a shopping cart that sells MP3s.Do you know if there is a way of stopping customers from going back a page? (once they have downloaded) e.g 1 - Login 2 - Download track (goes to download page). 3 - once downloaded goback to Download track (with the quantity refreshed).4 - Download next track etcif you follow this path there is no problems, however, when you are at stage 3, and use the browser back button, instead of the link providedthe quantity does not refresh and you can download thousends if you choose.Is there any way of stoping this?Thanks Quote Link to comment Share on other sites More sharing options...
Jocka Posted August 16, 2006 Share Posted August 16, 2006 save all their selected tracks in the database and call to see what tracks they have selected and how many they selected. If so many then they can't get anymore, etc.. you get the idea? Quote Link to comment Share on other sites More sharing options...
tomfmason Posted August 16, 2006 Share Posted August 16, 2006 Ok I use this script for downloading scripts and templates. You should be able to change it to suite your needs. Ok after they download a file I update a table in the db. I call my table downloads. Here is the fields that I have in the downloads.[list][*]download_id[*]username[*]filename[*]date_downloaded[/list]And here is the download.php[code]<?phpfunction getaction($action) { switch($action) { case "download": function getdownload($type) { switch($type) { case "free": if ($_SERVER['HTTP_REFERER'] !== "http://www.yoursite.com/yourpage.php") { header("HTTP/1.1 404 Not Found"); } if (!$_SESSION['username']) { echo "You must be a member to download this file<br />"; include("login.php"); exit; } $username = $_SESSION['username']; $filename = $_GET['filename']; $sql = mysql_query("INSERT INTO `downloads` (`username`, `filename`, `date_downloaded`) VALUES ('$username', '$filename', now())"); header("Pragma: public"); header("Expires: 0"); header("Cache-Control: must-revalidate, post-check=0, pre-check=0"); header("Content-Type: application/force-download"); header( "Content-Disposition: attachment; filename=".basename($filename)); header( "Content-Description: File Transfer"); header('Accept-Ranges: bytes'); header('Content-Length: ' . filesize($filename)); @readfile($filename); break; case "paid": if ($_SERVER['HTTP_REFERER'] !== "http://www.yoursite.com/something.php") { header("HTTP/1.1 404 Not Found"); } if (!$_SESSION['username']) { echo "You must be a member to download this file<br />"; include("login.php"); exit; } $filename = $_GET['filename']; $username = $_SESSION['username']; $sql = sprintf("SELECT COUNT(*) as `download_chek` FROM `downloads` WHERE `username` = '$%s' AND `filename` = '%s'", $username, $filename); $res = mysql_query($sql) or die(mysql_error()); $download_check = mysql_result($res, 0, 'download_check'); if ($download_check > 0) { echo "You may not download this file more then once"; include("somepage.php"); exit(1); } $q = mysql_query("INSERT INTO `downloads` (`username`, `filename`, `date_downloaded`) VALUES ('$username', '$filename', now())"); header("Pragma: public"); header("Expires: 0"); header("Cache-Control: must-revalidate, post-check=0, pre-check=0"); header("Content-Type: application/force-download"); header( "Content-Disposition: attachment; filename=".basename($filename)); header( "Content-Description: File Transfer"); header('Accept-Ranges: bytes'); header('Content-Length: ' . filesize($filename)); @readfile($filename); break; } } getdownload($_GET['type']); break; }}getaction($_GET['action']); ?>[/code]You may need to change the location of the download directory to your directory but this should work. I use it for my downloads. This will hide the location of your file and will prevent directlinking . Now you link to it like this [b]download.php?action=download&type=paid&filename=whatever.zip[/b] Quote Link to comment Share on other sites More sharing options...
spires Posted August 16, 2006 Author Share Posted August 16, 2006 Cheers mate i shall try it out. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.