Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 2 of 2
  1. #1
    New to the CF scene
    Join Date
    Mar 2011
    Posts
    1
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Exclamation How to do a protected file download

    Hello,

    I've got a login system for my site and it all works fine and dandy for protecting pages.

    However what I would like to do is allow people who are logged in to download a file and prevent people direct linking to the file.

    I don't know if I have to use htaccess for this or php or combination of both... How would I do this?

    Thank-you.
    Last edited by Jabster; 03-22-2011 at 01:37 PM.

  • #2
    Senior Coder
    Join Date
    Feb 2011
    Location
    Your Monitor
    Posts
    4,363
    Thanks
    61
    Thanked 530 Times in 517 Posts
    There are several ways to do this and the there was a debate about it a while back on this or sitepoints forum as to whether or not it actually works.

    I personally think that this method does work as long as you take the correct steps to protect the file download.

    Firstly you need to be on a server which lets you use set_time_limit() because you really need your php script to be outputting the file stream in a loop.

    Second you need to store the files outside of your public_html so that people cannot directly access them any other way other than use your script. That way your script is the only way to access the files.

    Thirdly you need to make use of register_shutdown_function() to determine if the file download was finished or not. If not you keep your download details active in the database. If it was completed then you just adjust those details so that the script knows not to offer it for download again.

    It's not really an easy one to show you in code but if you look at ways of doing what I've said above and break it down you should be able to come up with your own code.
    See my new CodingForums Blog: http://www.codingforums.com/blogs/tangoforce/

    Many useful explanations and tips including: Cannot modify headers - already sent, The IE if (isset($_POST['submit'])) bug explained, unexpected T_CONSTANT_ENCAPSED_STRING, debugging tips and much more!


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •