Re: How To Limit File Uploader Against Hijackers?

Nitsan Bin-Nun wrote:
What do you mean by session variables?
I should register a new session and pass it along with the file to the PHP wrapper?

Yes - in the page that links to your downloads you can do something like

$_SESSION['download']=TRUE;

then in the wrapper -

session_start(); // the session must be started before $_SESSION is populated
if (isset($_SESSION['download'])) {
   $allowed=$_SESSION['download'];
   } else {
   $allowed=FALSE;
   }

then check the $allowed variable.

Only way the file will be sent is if they have been to your site that creates a session for them and sets the $_SESSION['download'] variable to TRUE.

You can check whatever you want from the session variables.

For some of my files, I check the userid in the session variable and make sure the user is allowed to download it. If they aren't, they get a 401 forbidden header and page.

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
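
The session-gated wrapper described in the message above, written out as an added example that is not part of the original post. The storage directory, the "file" request parameter, the FILES table and an integer 'userid' session key are assumptions made for illustration; the table lookup is added so the requested name is never used as a filesystem path.

```php
<?php
// download.php - added example. DOWNLOAD_DIR, the "file" parameter and the
// FILES table are hypothetical names, not from the original message.
declare(strict_types=1);

session_start();

const DOWNLOAD_DIR = '/var/www/private/downloads'; // assumed: outside the web root

// Constructed sample data: which user ids may fetch which stored file.
const FILES = [
    'report' => ['name' => 'report.pdf', 'users' => [1, 7]],
    'manual' => ['name' => 'manual.zip', 'users' => [1]],
];

function deny(int $status): void
{
    http_response_code($status);
    header('Content-Type: text/plain');
    echo $status === 404 ? "Not found\n" : "Forbidden\n";
    exit;
}

// 1. The linking page must have set the flag in this visitor's session.
if (($_SESSION['download'] ?? false) !== true) {
    deny(403);
}

// 2. Resolve the request through a fixed table, so a value such as
//    "../../etc/passwd" never reaches the filesystem.
$key = $_GET['file'] ?? '';
if (!is_string($key) || !array_key_exists($key, FILES)) {
    deny(404);
}

// 3. Per-user check (assumes login code stored an integer 'userid').
if (!in_array($_SESSION['userid'] ?? null, FILES[$key]['users'], true)) {
    deny(403);
}

$path = DOWNLOAD_DIR . '/' . FILES[$key]['name'];
if (!is_file($path)) {
    deny(404);
}

session_write_close(); // release the session lock before streaming the file
header('Content-Type: application/octet-stream');
header('Content-Disposition: attachment; filename="' . FILES[$key]['name'] . '"');
header('Content-Length: ' . (string) filesize($path));
header('X-Content-Type-Options: nosniff');
readfile($path);
```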

