jenny mathew wrote:
hello group,
i have a problem and hope anybody here will be able to hep me out.
i have a downloads folder in my server which contains all the files in
zipped form to be downloaded by members.members are authenticated by
entering username and password.and when they click to download the files
,they are forwarded to the the full file url by using header function of
php.But the problem is that ,when the users click once to download a file
,they can see the whole url and so next time they can easily download the
file by entering the full url in the browser ,so there is no use of
authentication next time and this leads to bandwidth theft and the urls of
files are circulating in the emails and users are downloading the files
without becoming the user of the site and without authenticating
themselves.I know there are many professionals in this group who are very
experienced and have helped me earlier.this is a very serious problem and i
need a solution to this.What are your views?
Is there any solution for it?
waiting for your replies.
Thanks,
Jenny
Route the email link through a script that checks for availability based
on a user name, or email address; have the link as such:
http://www.somesite.org/download.php?file=<filename>&user=<login name>
When this user clicks this email, it will direct them to download.php,
where you could setup a call to a database. If this is the first time
this "user" has accessed this "file", set a flag in the database that
this link is no longer valid, and redirect the user's browser to the
file (check out the "header" function). The link in the email will only
be valid once (or as many times as you allow). You could even tie this
in with a login/password form.
HTH!
Matt Darby
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
