Jump to content

PHP - Register User Before Downloading File


johnny_v

Recommended Posts

Hello, I am new and am having a hard time with PHP. 

 

Scenario:  There are PDF files on my website that I want users to register before downloading the files.  I do not want them to login but rather provide basic information such as name and email address.  Once the form is submitted, I am not sure if I should be using PHPSESSION to validate the user.  Also, I am not sure where to place the files: either in the webroot (/var/www/) or outside.

 

I am new to PHP so please forgive me if I use terminology incorrectly.

 

Thank you for reading my question.

Link to comment
Share on other sites

johnny_v,

 

    If you don't store the user-supplied credentials (user name / PW) in a DB (like MySQL or DB2 or some such) then why have them enter it.

 

    Session variables: 

 

 

$_SESSION['UserID'] = $POST['userid']

  and

$_SESSION['Password'] = $_POST['password']

 

    don't do you much good for subsequent visits by the same user on some other date... $_SESSION var are only good until the user closes his browser.

 

    You should ask for User Name and PW, AND write them to your DB Users_table (make up your own name here...)  Then, on later visits, when the user logs in again, query the DB to see whether or not he has registered before... If he has, extract the variables from the DB and assign the DB Row values to

 

   

$_SESSION['UserID'] = $sqlResult['userid']

 

and

 

   

$_SESSION['Password'] = $sqlResult[password]

 

If he is a new user, store the info in the DB.

 

Scot L. Diddle, Richmond VA

Link to comment
Share on other sites

Thank you very much Scot for the information.

 

The main purpose of the registration is to obtain contact information.  I do not want to introduce user accounts and profiles.

 

Some sites have this functionality where you want to download a whitepaper or trial software and you must provide contact information before you are taken(granted access) to the download page/link.

 

Do you have any recommendations?

 

Thank you very much.

Link to comment
Share on other sites

Outside or inside the web root would depend on if the files have sensitive data or not.  If no- then inside is fine.

 

You could accomplish this with simple form validation.  Have them fill out a form with the necessary information and if it is all filled out- then re-direct them to the page to download the file.  Validation- if they don't enter an email address and name- then an error message is displayed and the form is not submitted.

 

 

Link to comment
Share on other sites

meltingpoint,

 

thank you for the idea.  How would I prevent users from directly accessing the link/page to the download.  Is there a way to generate a session key based on a completed form and then grant the download based on the temporary session key?

 

Thanks.

Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.