Jump to content

Hide URL

PaulFOz

By PaulFOz
in PHP Coding Help

 Share

Recommended Posts

Jocka Regular Member

Jocka

Posted
Posted
The best way is by saving the information in the database with ID's or some identifier.

Then create download.php with something like this:
[code]
$id = $_GET['id'];

$query = mysql_query("SELECT * FORM table WHERE id='" . $id . "'");
$row = mysql_fetch_array($query);

// LETS ASSUME THE FILE NAME FIELD IS file_name
header("Location: download/directory/".$row['file_name']);[/code]
Link to comment
Share on other sites
CheesierAngel Newbie

CheesierAngel

Posted
Posted
create a script inbetween your link-button (or form) and your actual script.

Linkspage:
[code]
<form action="links.php" method="post">
  <input type="hidden" name="cmd" value="link1">
<input type="submit" value="GoToThisLink">
</form>
[/code]

Your script inbetween:
<?php
if($_POST['cmd'] == "link1") {
  header(Location: http://www.blahblah.com");
}
?>
Link to comment
Share on other sites
PaulFOz Newbie

PaulFOz

Posted
  • Author
Posted
Cheesier...

I tried your code and got:
Parse error: parse error, unexpected ':' in /home/nas01l/c/coolgorilla.com/user/htdocs/links.php on line 11

I'm testing it by just linking to an image from the site so the code is:

<?php
if($_POST['cmd'] == "link1") {
  header(Location: http://www.coolgorilla.com/images/banner.png");
}
?>


Any help please?
Link to comment
Share on other sites
PaulFOz Newbie

PaulFOz

Posted
  • Author
Posted
Cheesier,

Now i get:

Warning: Cannot modify header information - headers already sent by (output started at /home/c/coolgorilla.com/user/htdocs/links.php:9) in /home/c/coolgorilla.com/user/htdocs/links.php on line 11

I've found something that displays a link to a zip file like this this:

<a href="/linkguarddemo.php/download.zip?linkguardauth=ZG93bmxvYWQuemlwLDExNjQ4OTI0MzksODAuNC4yMjQuOCwzLDEsZTBhZjM0NTI2ZDcwMDE4NzUwZjRlYzY5NWExNTI4NGY%3D">Download Test Link Here</a>

Any help?
Link to comment
Share on other sites
Jocka Regular Member

Jocka

Posted
Posted
thats encoded. You can create an encode for yourself if you like but that may be a little more advanced and out of your way at the moment.

The only reason you should get the error headers already sent is if you print something to the page.. are you echoing anything prior to the redirection? or are you using ONLY the code he gave you?
Link to comment
Share on other sites
Jocka Regular Member

Jocka

Posted
Posted
well he had two php starts in the code i just saw so try it again with:

<?php
if($_POST['cmd'] == "link1") {
  header("Location: http://www.coolgorilla.com/images/banner.png");
}
?>

And encryption can be easy or hard but you need 2 way encryption and to keep people from being able to decrypt it (or most people) you need your own encryption method. it can be as simple as stripping the http:// section and replacing a few letters of the alpha bet (and periods, dont' forget to replace the period). Usually it's not that hard to create a simple encryption by just replacing letters though. Look into preg_replace and read up on arrays and thats all you'll really need.
Link to comment
Share on other sites
PaulFOz Newbie

PaulFOz

Posted
  • Author
Posted
On the first page it's:
[code]
<html>
<head>
<title>blah</title>
</head>
<body>



<form action="links.php" method="post">
  <input type="hidden" name="cmd" value="link1">
<input type="submit" value="GoToThisLink">
</form>


</body>
</html>
[/code]

and on 'links.php' it's:

[code]
<html>
<head>
<title>blah</title>
</head>
<body>



<?php
if($_POST['cmd'] == "link1") {
  header("Location: http://www.coolgorilla.com/images/banner.png");
}
?>


</body>
</html>
[/code]

The final project it obviously won't be a graphic... it's an .exe file.

Cheers
Link to comment
Share on other sites
CheesierAngel Newbie

CheesierAngel

Posted
Posted
You shouldn't write on the links.php page the <html> tags.

The links.php should look like this (nothing more, nothing less):
[code]
<?php
if($_POST['cmd'] == "link1") {
  header("Location: http://www.coolgorilla.com/images/banner.png");
}
?>
[/code]

Modification:

This because the user accessing this page will never see this page...
PHP gave you the error because you wanted to write/transmit some header information to the user.
[code]
<html>
<head>  <!-- And here is your header output to the user -->
  ....
</head>
<body> <!-- Here is some information you are transmitting to the user -->
  <?php
    if(...) {
      /*
        * Sending again some header information after the headers where already send by the html header tag
        * and after you already transfered some content to the user by the <body> tags.
      */
      header(...);  // Nothing may be outputted already to the user when using this function !!!
    }
  ?>
  </body>
</html>
[/code]
Link to comment
Share on other sites
PaulFOz Newbie

PaulFOz

Posted
  • Author
Posted
What about for a simple workaround place the file in a folder with a REALLY long name that can't display in the status bar? Ugly but effective.

So using your method cheesier do you think that it woul be 'impossible' for someone to locate the true URL? If so how?

Cheers
Link to comment
Share on other sites
Daniel0 Advanced Member

Daniel0

Posted
Posted
None of the above snippets will hide any URL at all. This will however:

[code]<?php
$downloads_path = "/var/www/downloads/";

$file = $downloads_path.$filename;

if(preg_match('/(\.\.\/)/',$_GET['file']))
{
die("Access denied!");
}

if(!file_exists($file) || !is_readable($file) || !is_file($file))
{
die("Error: The file do not exist, is not a file or is not readable!");
}

header("Pragma: public");
header("Expires: 0");
header("Cache-Control: must-revalidate, post-check=0, pre-check=0");
header("Content-Type: application/force-download");
header("Content-Disposition: attachment; filename=".basename($file));
header("Content-Description: File Transfer");
header("Accept-Ranges: bytes");
header("Content-Length: ".filesize($file));

@readfile($file);
?>[/code]

Edit: I'm not sure if the filename check (the preg_match) is perfectly safe.
Link to comment
Share on other sites
The Little Guy Prolific Member

The Little Guy

Posted
Posted
I would a use an .htaccess file to do this, and a database.

The .htacess file would redirect to a page, which would call the row from the database, which would then display a download screen with the proper download.

The database would have two columns, one for the download file name, and one for a unique number that corresponds to the file name.

So you would then search the database for the number say it is "111111" and the corresponding file is "file.zip" and then you would use an include "/path/to/file/file.zip";

And in the address bar it should say http://mysite.com/download_page/111111
Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.