Timer & Download Protection

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

wizzard
Forum Commoner
Posts: 93
Joined: Thu May 16, 2002 5:36 am
Location: Belgium
Contact:

Timer & Download Protection

Post by wizzard »

Hello,

is this possible with php to make a timer to check every hour in a table and delete the inactive sessions?

I"m working on a download system when people bought via creditcard the file they get the url to download its virtual url.
The url is open for 72hours and can be download 5 times. After this it has to be destroyed.

I create with the script a virtual dir like http://www.test.com/0121545 that has to be forwarded to the file http://www.test.com/samples/pack1.zip
After download the file in the map has to be renamed to pack22211.zip or something and when the user trys to get the file back with http://www.test.com/0121545 i need a script to relink the virtual dir to the new renamed file.

Its very difficult to protect files :( Anyone has some suggestions

Cheers
Kris
wizzard
Forum Commoner
Posts: 93
Joined: Thu May 16, 2002 5:36 am
Location: Belgium
Contact:

Post by wizzard »

anyone?
User avatar
twigletmac
Her Royal Site Adminness
Posts: 5371
Joined: Tue Apr 23, 2002 2:21 am
Location: Essex, UK

Post by twigletmac »

One way of protecting your files is to store them outside of your web root so that they cannot be called directly from the URL.

To run regular PHP scripts look at cron (if you're on Unix/Linux) or Task Scheduler (if you're on Windows).

Mac
wizzard
Forum Commoner
Posts: 93
Joined: Thu May 16, 2002 5:36 am
Location: Belgium
Contact:

Post by wizzard »

thanks ik will check this out.

One way of protecting your files is to store them outside of your web root so that they cannot be called directly from the URL => can you tell me more about it?
Nay
Forum Regular
Posts: 951
Joined: Fri Jun 20, 2003 11:03 am
Location: Brisbane, Australia

Post by Nay »

Like if you're on a Linux machine or so you might have your files in a publie_html folder. So instead of having it under the public_html folder you can put it somewhere else. See:

/
../cgi
../public_html
../mail
../files

and in the files folder, you can have your files. People won't be able to access this folder via a URL.

-Nay
User avatar
twigletmac
Her Royal Site Adminness
Posts: 5371
Joined: Tue Apr 23, 2002 2:21 am
Location: Essex, UK

Post by twigletmac »

[Edit: Nay beat me to it this time - that'll teach me to wander off in the middle of a post :lol: ]
wizzard wrote:One way of protecting your files is to store them outside of your web root so that they cannot be called directly from the URL => can you tell me more about it?
Exactly what it says on the box - if your web root is /home/me/public_html then if you created a folder called downloads in the me folder, that downloads folder would be outside of the web root.

There's a script in here (the completed version by permutations that you may find useful):
viewtopic.php?t=7736&highlight=publichtml+download

Mac
wizzard
Forum Commoner
Posts: 93
Joined: Thu May 16, 2002 5:36 am
Location: Belgium
Contact:

Post by wizzard »

A little question i have made now a folder outside the root but how can i protect something like when the people payd for the file to downlaod he can download it 5 times within 72 hours. My site is almost ready on this part is the problem.

Thanks already guys for all the great help.
User avatar
JayBird
Admin
Posts: 4524
Joined: Wed Aug 13, 2003 7:02 am
Location: York, UK
Contact:

Post by JayBird »

do you have MySQL on your server?

Mark
wizzard
Forum Commoner
Posts: 93
Joined: Thu May 16, 2002 5:36 am
Location: Belgium
Contact:

Post by wizzard »

yes
User avatar
JayBird
Admin
Posts: 4524
Joined: Wed Aug 13, 2003 7:02 am
Location: York, UK
Contact:

Post by JayBird »

this is how i would do it.

Once someone has paid, generate them a user name and password and enter it into a database with the time is was created and a field to count the number of downloads.

When the user logs in and click to download the file, check in the database that the user still has time left to download the file and they haven't downloaded to many times already.

If all is okay, let them download the file, and add 1 to the field that contains the number.

If not, tell them they have run out of time, or downlaoded too many times.

Mark
qads
DevNet Resident
Posts: 1199
Joined: Tue Apr 23, 2002 10:02 am
Location: Brisbane

Post by qads »

what Bech100 said can be made into a automatic process, once they have paid you ask them to choose a username and password, once the account is ready, let them download.

if someone wast able to downoad and was run out of time then they can email you asking for more time, you can check in the database if its true, if it is you just added more time to their account :D.

even this can be a automatic process, make a page for this where users can enter their username, check the username and number of downloads in the database, if the username is in there and the number of downloads is less then 5, add more time to their account, else tell them they are not allowed. :D
wizzard
Forum Commoner
Posts: 93
Joined: Thu May 16, 2002 5:36 am
Location: Belgium
Contact:

Post by wizzard »

How can i get a file out of a directory outside the root?
wizzard
Forum Commoner
Posts: 93
Joined: Thu May 16, 2002 5:36 am
Location: Belgium
Contact:

Post by wizzard »

anyone?
User avatar
gite_ashish
Forum Contributor
Posts: 118
Joined: Sat Aug 31, 2002 11:38 am
Location: India

Post by gite_ashish »

u can:
fopen()
fpassthru()

u alos need to set proper header() for brower to prompt download dialog box.

hope that helps
wizzard
Forum Commoner
Posts: 93
Joined: Thu May 16, 2002 5:36 am
Location: Belgium
Contact:

Post by wizzard »

fpassthru does this works for files of 50mb?
With fpassthru you don't my a virtual link to the file? You copy it?
Post Reply