Larry has made a good suggestion. This is something that works because i have also used something simiar. If you really want to get a sophisticated you can use a a simple shopping cart. In our site when we give free downloads for selected users we just inject a zero valued order into the database.
Larry Brown wrote:
You could have your authorization info in the mysql db including file locations that are stored along with the authorization level necessary to download them. If the person is authenticated to download the file, the php script uses the file location info from the db to open the file and generate the headers necessary to start the download. This way the end user never has to have direct access to the download directory and you don't have to copy the file into a temporary directory.
Larry
-----Original Message----- From: news.php.net [mailto:[EMAIL PROTECTED] Sent: Tuesday, December 30, 2003 2:13 PM To: [EMAIL PROTECTED] Subject: [PHP] How do I protect downloadable files?
Hello, I have wrtten a PHP based web site with a MySql backend and now I want to password protect downloadable files. I have logon and session handling taken care of but I can't figure out how to only allowed those who are currently logged in and above a certain security level to access the downloadable content and prevent bookmarking of the file location for redownloading.
-- Raditha Dissanayake. ------------------------------------------------------------------------ http://www.radinks.com/sftp/ | http://www.raditha.com/megaupload Lean and mean Secure FTP applet with | Mega Upload - PHP file uploader Graphical User Inteface. Just 150 KB | with progress bar.
-- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
