Page 1 of 2
Timer & Download Protection
Posted: Tue Nov 11, 2003 6:53 am
by wizzard
Hello,
is this possible with php to make a timer to check every hour in a table and delete the inactive sessions?
I"m working on a download system when people bought via creditcard the file they get the url to download its virtual url.
The url is open for 72hours and can be download 5 times. After this it has to be destroyed.
I create with the script a virtual dir like
http://www.test.com/0121545 that has to be forwarded to the file
http://www.test.com/samples/pack1.zip
After download the file in the map has to be renamed to pack22211.zip or something and when the user trys to get the file back with
http://www.test.com/0121545 i need a script to relink the virtual dir to the new renamed file.
Its very difficult to protect files

Anyone has some suggestions
Cheers
Kris
Posted: Tue Nov 11, 2003 8:12 am
by wizzard
anyone?
Posted: Tue Nov 11, 2003 8:45 am
by twigletmac
One way of protecting your files is to store them outside of your web root so that they cannot be called directly from the URL.
To run regular PHP scripts look at cron (if you're on Unix/Linux) or Task Scheduler (if you're on Windows).
Mac
Posted: Tue Nov 11, 2003 9:02 am
by wizzard
thanks ik will check this out.
One way of protecting your files is to store them outside of your web root so that they cannot be called directly from the URL => can you tell me more about it?
Posted: Tue Nov 11, 2003 9:40 am
by Nay
Like if you're on a Linux machine or so you might have your files in a publie_html folder. So instead of having it under the public_html folder you can put it somewhere else. See:
/
../cgi
../public_html
../mail
../files
and in the files folder, you can have your files. People won't be able to access this folder via a URL.
-Nay
Posted: Tue Nov 11, 2003 9:48 am
by twigletmac
[Edit: Nay beat me to it this time - that'll teach me to wander off in the middle of a post

]
wizzard wrote:One way of protecting your files is to store them outside of your web root so that they cannot be called directly from the URL => can you tell me more about it?
Exactly what it says on the box - if your web root is /home/me/public_html then if you created a folder called downloads in the me folder, that downloads folder would be outside of the web root.
There's a script in here (the completed version by permutations that you may find useful):
viewtopic.php?t=7736&highlight=publichtml+download
Mac
Posted: Tue Nov 11, 2003 11:09 am
by wizzard
A little question i have made now a folder outside the root but how can i protect something like when the people payd for the file to downlaod he can download it 5 times within 72 hours. My site is almost ready on this part is the problem.
Thanks already guys for all the great help.
Posted: Tue Nov 11, 2003 11:24 am
by JayBird
do you have MySQL on your server?
Mark
Posted: Tue Nov 11, 2003 11:26 am
by wizzard
yes
Posted: Tue Nov 11, 2003 11:31 am
by JayBird
this is how i would do it.
Once someone has paid, generate them a user name and password and enter it into a database with the time is was created and a field to count the number of downloads.
When the user logs in and click to download the file, check in the database that the user still has time left to download the file and they haven't downloaded to many times already.
If all is okay, let them download the file, and add 1 to the field that contains the number.
If not, tell them they have run out of time, or downlaoded too many times.
Mark
Posted: Tue Nov 11, 2003 11:59 am
by qads
what Bech100 said can be made into a automatic process, once they have paid you ask them to choose a username and password, once the account is ready, let them download.
if someone wast able to downoad and was run out of time then they can email you asking for more time, you can check in the database if its true, if it is you just added more time to their account

.
even this can be a automatic process, make a page for this where users can enter their username, check the username and number of downloads in the database, if the username is in there and the number of downloads is less then 5, add more time to their account, else tell them they are not allowed.

Posted: Wed Nov 12, 2003 7:59 am
by wizzard
How can i get a file out of a directory outside the root?
Posted: Wed Nov 12, 2003 12:57 pm
by wizzard
anyone?
Posted: Wed Nov 12, 2003 1:23 pm
by gite_ashish
u can:
fopen()
fpassthru()
u alos need to set proper header() for brower to prompt download dialog box.
hope that helps
Posted: Wed Nov 12, 2003 1:35 pm
by wizzard
fpassthru does this works for files of 50mb?
With fpassthru you don't my a virtual link to the file? You copy it?