Page 1 of 1

Restrict file downloading to registered users only.

Posted: Sat Mar 20, 2004 9:56 pm
by mikegotnaild
Ok ive got a system that allows bands to submit their band information/mp3 or video files to certain genra pages to be displayed on. I fetch the rows of data from mysql and display their picture, information and image so its all dynamic keep in mind. (using phpnuke btw)

Now my idea for restricting a file download to registered users is to direct them to a pre-page when they click a link to download a file. This "pre-page" checks if they are registered and logged in than if they are it redirects them to the file download. If they arent it sends them to a page that informs them that they need to register and login before they can download files.

Heres what I got but i need to know what i should do with the "header ("Location ?") ;" My general idea for this was header("Location: http://mywebsite.com/upload/$file"); But what would i do when i assign $file to something... The files in my 'upload' folder arent assigned to variables (since its dynamic) so what would i have to do to extract the correct file from something dynamic like this? ( Hope im explaining this right, im not very good with the coding thought process at times. ) This is the code i got so far.

Code: Select all

<?
/*****************************************************/
/*	This code checks if a person is registered and   */
/*  logged in before he/she can download the selected*/
/*  file.					                         */
/*****************************************************/
require("mainfile.php");
if (is_user($user)) { 
  header("Location: ?"); /* Redirect browser to the selected file to download */


exit;  /* Make sure that code below does not get executed when we redirect. */
}else{
  header("Location: http://mysite.com/youmustregister.php"); 
  /* ^Redirect browser to a page that informs the person
     that they need to register and login before they
	 can download files */
}
	 
?>

Posted: Sun Mar 21, 2004 11:16 am
by doeboy
If you are uploading files with random names, that you will need to access later base on a band, then you should be storing the random file name in the database with the band.

If this is your check page, then in the link that you click on to download a file I would add check_page.php?file=$file.

On your check page you would just put

header("location:path/{$_GET['file']}");

Posted: Sun Mar 21, 2004 8:33 pm
by mikegotnaild
I AM storing the filename with the band. Because i have tables set up for each genre and when bands submit their mp3s and stuff it is also storing the file names they are also submitting their band name and description , history influences etc.

Posted: Sun Mar 21, 2004 8:42 pm
by mikegotnaild
Nevermind I figured it out. THANKS ALOT. It probably would have taken me forever to get this working if it wasnt for you.