hiding download source location

[jbadziak]

hello all:

i am trying to write a system that will hide the location of a file download so people can not download the files without being logged into the system.  i found a tutorial to do this on phpfreaks a few years ago, but i tried looking today and was not able to find anything, but that could easily have been because it is under a different name now.

what i'm looking for is something that shows the link as (domain_name)/download.php?id=859, and when someone clicks on the link, the regular "file download" pops up asking the user where they would like to save the file to.

does anyone know where i might be able to find something like this?  i would prefer a tutorial as i have to do a number of other things in addition to this.

any help is greatly apprecaited.

thanks.

[Daniel0]

Something like this should do it: [code]<?php
include 'functions.php'; // contains functions to check if the user is logged in
include 'db.php'; // connects to the database

if(is_logged_in())
{
$id = intval($id);
$query = mysql_query("SELECT * FROM downloads WHERE id='{$id}' LIMIT 1");
if(mysql_num_rows($query) <= 0)
{
echo "Sorry, no such file.";
}
else {
$file_info = mysql_fetch_assoc($query);

header("Pragma: public");
header("Expires: 0");
header("Cache-Control: must-revalidate, post-check=0, pre-check=0");
header("Content-Type: application/force-download");
header("Content-Disposition: attachment; filename=".basename($file_info['path']));
header("Accept-Ranges: bytes");
header("Content-Length: ".filesize($file_info['path']));
header("Content-Description: File Transfer");

@readfile($file_info['path']);
die();
}
}
else {
echo "Sorry, you need to be logged in to download this file.";
}
?>[/code]