how to download a file only from my website?

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
yoni ^_^
Forum Newbie
Posts: 2
Joined: Tue Sep 25, 2007 6:12 am

how to download a file only from my website?

Post by yoni ^_^ »

hello,

i have a link in my website to download some file.

i want that users that visiting my website could click on that link and download the file. altough, i want that in the case when someone copies the url of the file and post it in another website that users would cannot download the file from another website which is not my website.

does someone know how can i solve this problem?

thank you!
User avatar
aceconcepts
DevNet Resident
Posts: 1424
Joined: Mon Feb 06, 2006 11:26 am
Location: London

Post by aceconcepts »

You could check the referral HOST attempting to access your file

Code: Select all

$_SERVER['HTTP_REFERER'];
If it is not your host then do not accept request.
yoni ^_^
Forum Newbie
Posts: 2
Joined: Tue Sep 25, 2007 6:12 am

Post by yoni ^_^ »

thanks!

can you please write me an example code?
lnt
Forum Newbie
Posts: 12
Joined: Mon Sep 24, 2007 8:47 am

Post by lnt »

Code: Select all

if ($_SERVER['HTTP_REFERER']=='' || strpos($_SERVER['HTTP_REFERER'],$_SERVER['SERVER_NAME'])==7)
{
    //from your site
}
else
{
    //from another site
}
or

Code: Select all

function checkDomain(){
	$host=apache_request_headers();
	$from=$host['Referer'];
	if (!$from) return false;
	$domain=explode("/",$from);
	return($domain[2]==$_SERVER['HTTP_HOST']);
}
if (!checkDomain()) die("Error!");
User avatar
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

~lnt, your first snippet assumes $_SERVER['HTTP_REFERER'] is always present. The second assumes the server is running Apache and that referral information was transmitted.

---

The referral header is optional, not required. Writing your code to require it may alienate many users. A poor user experience does far more damage than a positive user experience does good.
EricS
Forum Contributor
Posts: 183
Joined: Thu Jul 11, 2002 12:02 am
Location: Atlanta, Ga

Simple Solution

Post by EricS »

A simple solution is setting an arbitrary session variable when a user enters your site. Then check for that session variables existence before providing the file. You would of course need to make sure all entry points into your site set this session variable.
Post Reply