Make A DownLoad Page ... Help???

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
trazan
Forum Newbie
Posts: 15
Joined: Fri Nov 13, 2009 8:41 pm

Make A DownLoad Page ... Help???

Post by trazan »

hi every body
sorry cuz my english is not perfect
i try to make a download page
1- i uploaded a file by th FTP
2- i enterd the place ( path ) of the file in a table on the data base
now i want to make a download page but pervent users from knowing the url of the file
like rapidshre.com i can't copy the Direct Download link and share it with other people
i use this code

Code: Select all

<?
    $filename = '55.zip';
        $data = file_get_contents('55.zip') ;
        if($data)
        {
            $_SESSION['downloadfile'] = $filename;
                header("Content-Disposition: attachment; filename=$filename");
                echo $data;
        }
?>
But If Some One Clicked On The DownLoad Right Click ( On FireFox ) And Choise Copy Download Link He Can Share The Direct Link With Others And he will put in his for example and every body will download it without enter my site
but in rapidshre or hotfile .... etc ihe can't do that
any one can help me????

[/b]
User avatar
iankent
Forum Contributor
Posts: 333
Joined: Mon Nov 16, 2009 4:23 pm
Location: Wales, United Kingdom

Re: Make A DownLoad Page ... Help???

Post by iankent »

At the top of the page start a session and check whether a specific key is set, e.g.

Code: Select all

session_start();
if(!isset($_SESSION['hello']) {
    // redirect user to another page or display something
    // once they've viewed whichever page you want, make sure to set $_SESSION['hello'], e.g.
    $_SESSION['hello'] = 1;
    header('Location: /index.php');
    exit();
}
// session variable 'hello' exists, so we're ok to download file
 
that way, if somebody copies the link and sends it to somebody else, the 'hello' session variable doesn't exist yet so the user is redirected to wherever you want. If somebody has visited the site before, or if they've been redirected to the other page, the 'hello' variable exists in $_SESSION and so it should be ok to give the file.

not fail safe, but should do the trick
User avatar
Weiry
Forum Contributor
Posts: 323
Joined: Wed Sep 09, 2009 5:55 am
Location: Australia

Re: Make A DownLoad Page ... Help???

Post by Weiry »

Your other alternative to having to initiate a session, would be to use a $_POST value.

On rapidshare for example, you can go to the link. It will display some numbers/letters you need to enter.
Then you send that information to the download page.

Code: Select all

# Page1 - Input.php
print "Please type in the phrase you see: (captcha code)<br/>
<form action='download.php?id={$_GET['id']}' method='post'>"; // where $_GET['id'] is the id number of your download file.
// you could leave the ID as a GET value so that they can link to the FILE URL, but not the FILE LOCATION.
print "
<input type='text' size='7' name='captchaCode'/><br/>
<input type='submit' value='Download' name='dlAuth'/>
</form>";
 
# Page 2 - checkSubmit.php
function checkCaptcha($captchaCode,$fileID){
   if(CAPTCHA CODE && FILEID ARE CORRECT){
      // do the download
      return true
   }else{
      // return captcha error
      return false;
   }
}
 
# Page 3 - Download.php
require_once("checkSubmit.php");
if(checkCaptcha($_POST['captchaCode'],$_GET['id'])){
   //do the download
}else{
   // redirect
}
I won't go into how to go about how you could do your checks, but this is another solution. This solution may very well be harder to implement, but also provides a little more security over simple sessions. This would mean that if a person has visited the site before, they will still need to input the verification text on the input page.
Post Reply