this might help...
i haven't checked it out but i need to implement something like this soon...
http://www.ngcoders.com/php/selling-dig ... pn-and-php
URL Security
Moderator: General Moderators
-
rashmisharma
- Forum Newbie
- Posts: 11
- Joined: Wed Feb 18, 2009 4:27 am
Re: URL Security
A big Thanks to all of u.
Now i m able to do what i want. But still there is a problem like if i type direct path in the url then anyone can able to download file. No .htaccess help me out.
Now i m able to do what i want. But still there is a problem like if i type direct path in the url then anyone can able to download file. No .htaccess help me out.
Re: URL Security
What is the direct path, and exactly what is inside your .htaccess file?
- kaisellgren
- DevNet Resident
- Posts: 1675
- Joined: Sat Jan 07, 2006 5:52 am
- Location: Lahti, Finland.
Re: URL Security
How about you actually put the file outside the document root and let PHP to handle the download?rashmisharma wrote:A big Thanks to all of u.
Now i m able to do what i want. But still there is a problem like if i type direct path in the url then anyone can able to download file. No .htaccess help me out.
-
rashmisharma
- Forum Newbie
- Posts: 11
- Joined: Wed Feb 18, 2009 4:27 am
Re: URL Security
I haven't put anything outside the root, instead i have url rewriting so that if my files are in path http://www.mydomain.com/download/filename.pdf then it is shown as http://www.mydomain.com/abc/xyz/downloa ... lename.pdf
so no one actually able to know the exact path of my files.
so no one actually able to know the exact path of my files.
- kaisellgren
- DevNet Resident
- Posts: 1675
- Joined: Sat Jan 07, 2006 5:52 am
- Location: Lahti, Finland.
Re: URL Security
It is possible to know it. Ultimately you cannot hide anything, although very long filenames and unique looking foldernames will do fine usually.rashmisharma wrote:I haven't put anything outside the root, instead i have url rewriting so that if my files are in path http://www.mydomain.com/download/filename.pdf then it is shown as http://www.mydomain.com/abc/xyz/downloa ... lename.pdf
so no one actually able to know the exact path of my files.