jonoc33 Posted January 13, 2008 Share Posted January 13, 2008 Not sure if you're able to do it in PHP, but how exactly would you create temporary download links which expire after a certain time? I don't exactly want to fork out $127 to get the script that does this..' I've looked on the net and found this: .htaccess: <Files *.rar> Order Deny, Allow Deny from All </Files> If I have that, what PHP script would download the file ignoring that .htaccess? Quote Link to comment https://forums.phpfreaks.com/topic/85767-solved-creating-temporary-download-links/ Share on other sites More sharing options...
p2grace Posted January 13, 2008 Share Posted January 13, 2008 What I do for this is create a secured link (i.e www.domain.com/?file=sdfsf432efk23j42kllke) that is unique to the downloader and expires after a given period of time. When clicking on the link, the system checks to see if it has expired, and if it hasn't it does a header redirect based off of that link to the file. That way the user never sees where it's being downloaded from. Note: In order for this to work you can't use files that browsers can open inherently (i.e. pdf or doc), the browser must prompt the user to open/save the file. You can still use those files but you need to setup special scripts to handle them so the browser won't try and open it automatically. Quote Link to comment https://forums.phpfreaks.com/topic/85767-solved-creating-temporary-download-links/#findComment-437759 Share on other sites More sharing options...
jonoc33 Posted January 13, 2008 Author Share Posted January 13, 2008 I understand what you're saying, but what my question is is how to make that secured link and how it expires. Quote Link to comment https://forums.phpfreaks.com/topic/85767-solved-creating-temporary-download-links/#findComment-437771 Share on other sites More sharing options...
cooldude832 Posted January 13, 2008 Share Posted January 13, 2008 temporary file downloads are best handled this way Person A triggers something to activate a download Server queries MySQL database for that files bianries (In a blob field) Server then make a document with the headers reflective of that file type and set them to initialize download (See the header page on php.net) the content is then streamed. The file never truly exist more than at the time of download so it is 100% controlled in php so you can limit it based on a session being set or payment or something else. Quote Link to comment https://forums.phpfreaks.com/topic/85767-solved-creating-temporary-download-links/#findComment-437774 Share on other sites More sharing options...
Hypnos Posted January 13, 2008 Share Posted January 13, 2008 Using header() will not secure the location of the download. People will still be able to see the location of the file and hotlink to it. For what you want, putting the file in a directory that isn't public, and piping the entire file through a PHP script is best. http://us3.php.net/readfile Quote Link to comment https://forums.phpfreaks.com/topic/85767-solved-creating-temporary-download-links/#findComment-437777 Share on other sites More sharing options...
cooldude832 Posted January 13, 2008 Share Posted January 13, 2008 Using header() will not secure the location of the download. People will still be able to see the location of the file and hotlink to it. For what you want, putting the file in a directory that isn't public, and piping the entire file through a PHP script is best. http://us3.php.net/readfile Of course not. Its how you allow access to that, you use logic like <?php if($_SESSION['allow_download'] == "yes"){ //Set headers and query for file } else{ echo "You aren't allowed to download that file!"; } ?> Headers are used to dictate the download stream as most people won't realize you need to set headers for a download. Quote Link to comment https://forums.phpfreaks.com/topic/85767-solved-creating-temporary-download-links/#findComment-437780 Share on other sites More sharing options...
Hypnos Posted January 13, 2008 Share Posted January 13, 2008 I was talking about p2grace's mention of using header redirects. Quote Link to comment https://forums.phpfreaks.com/topic/85767-solved-creating-temporary-download-links/#findComment-437783 Share on other sites More sharing options...
jonoc33 Posted January 13, 2008 Author Share Posted January 13, 2008 Don't worry about it, i've worked it out. Basically, i've made it so it accesses the file through md5. It then checks through a session if you are authorized to download it. If not, it redirects you away. It hides the link of the file through the md5 sum, so it is quite safe. Thanks for the idea guys. Quote Link to comment https://forums.phpfreaks.com/topic/85767-solved-creating-temporary-download-links/#findComment-437862 Share on other sites More sharing options...
cooldude832 Posted January 13, 2008 Share Posted January 13, 2008 not a very smart way as md5 has been proven crackable, the point is to secure inside the file they access, not the path to it. Quote Link to comment https://forums.phpfreaks.com/topic/85767-solved-creating-temporary-download-links/#findComment-438161 Share on other sites More sharing options...
CtrlAltDel Posted January 13, 2008 Share Posted January 13, 2008 $127 wow, i use this script it does all that i need and more, have a look here, its £30 ($60) http://scripts.syndikut.org/php_quick_download_v3.html P.S. I am not associated with them at all, except for being a customer Quote Link to comment https://forums.phpfreaks.com/topic/85767-solved-creating-temporary-download-links/#findComment-438170 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.