This is for http://www.cougarnotes.com
My website is designed to serve up PDF's to members with the right access. I have already programmed the PDF's to be served up from behind an htaccess so that PDF's can only be viewed while logged in with the appropriate access.
I want users to only be able to view PDF's while logged in or to be able to print them. I don't want them to be able to download them.
My Idea:
Can you open a password protected PDF with a password that is entered 'behind the scenes' either on the server side or in the users browser via javascript. This way the user never sees the password and if they do download the PDF's they won't be able to open them.
PDF's and behind the scenes passwords... should be tricky.
Moderator: General Moderators
- Christopher
- Site Administrator
- Posts: 13596
- Joined: Wed Aug 25, 2004 7:54 pm
- Location: New York, NY, US
Re: PDF's and behind the scenes passwords... should be tricky.
I don't think you can do that, but there are many options available for PDF -- check the Adobe site.
(#10850)
- Chris Corbyn
- Breakbeat Nuttzer
- Posts: 13098
- Joined: Wed Mar 24, 2004 7:57 am
- Location: Melbourne, Australia
Re: PDF's and behind the scenes passwords... should be tricky.
That wouldn't really be possible no. You could experiment with multipart/x-mixed-replace content-types and see if it's possible to push a new "corrupt" version down to replace the working version. In theory, the browser should only "display" the version it can actually display.
Even if that worked, a programmer would be able to get the PDF data by viewing the source and base64_decode()'ing it.
multipart/x-mixed-replace is good fun to play with in any case. I'm releasing a library soon which will offer MIME support of HTTP to do those embedded downloads like sourceforge do using multipart content types.
Code: Select all
<?php
header("Content-Type: multipart/x-mixed-replace; boundary=\"_=_foo_=_\"");
header("Content-Transfer-Encoding: 7bit");
/* The next parts send headers for nested content... in theory the browser displays each
part until it hits one it can't display */
?>
--_=_foo_=_
Content-Type: application/pdf; filename="pdf.pdf"
Content-Transfer-Encoding: base64
Content-Disposition: inline
<?php
echo chunk_split(base64_encode(file_get_contents($the_real_pdf)));
?>
--_=_foo_=_
Content-Type: application/pdf; filename=pdf.pdf
Content-Transfer-Encoding: base64
Content-Disposition: inline
... some corrupt data ...
--_=_foo_=_--
multipart/x-mixed-replace is good fun to play with in any case. I'm releasing a library soon which will offer MIME support of HTTP to do those embedded downloads like sourceforge do using multipart content types.