[advanced search]
 

Go Back   NamePros.com > Discussion > Web Design & Development > Programming

Programming PHP, Perl, Ruby on Rails, AJAX, HTML, XHTML, CSS, JavaScript, MySQL and any other coding topics.


Closed Thread
 
LinkBack Thread Tools
Old 06-26-2006, 04:05 PM   #1 (permalink)
NamePros Member
 
Join Date: Oct 2005
Posts: 38
9.80 NP$ (Donate)

Scott2503 is an unknown quantity at this point


Authenticating the download of a ZIP file [PHP]

I want to be able to authenticate the download of a ZIP with PHP. There will just be a $_SESSION variable and it will contain information on how to identify if the user is allowed to download the file. The actual authentication I am not worried about but I am more concerned about how I can protect the ZIP file like without anyone being able to just download it or spread the link to the download... even if it happens to be they just take a lucky guess and find the file, I want to block the downloading completely unless it is through the script.

How can I do this?
Scott2503 is offline  
Old 06-26-2006, 11:45 PM   #2 (permalink)
Senior Member
 
Peter's Avatar
 
Join Date: Nov 2003
Location: Scotland
Posts: 4,900
0.60 NP$ (Donate)

Peter has a reputation beyond reputePeter has a reputation beyond reputePeter has a reputation beyond reputePeter has a reputation beyond reputePeter has a reputation beyond reputePeter has a reputation beyond reputePeter has a reputation beyond reputePeter has a reputation beyond reputePeter has a reputation beyond reputePeter has a reputation beyond reputePeter has a reputation beyond repute

Child Abuse Save The Children Save The Children Help The Homeless - Holiday 2009 Help The Homeless - Holiday 2009 Help The Homeless - Holiday 2009 Help The Homeless - Holiday 2009
the best way is to have the zip file outside of the http directory and make the person log in before downloading. Pass them to a new script that you would create that checks they are logged in and if they are to include the file they wish to download.

The following is such an example, of course before this you would need to make the code that ensures the user is logged in.

PHP Code:
$file_path = '/home/username/downloads/filename.zip';

if(
is_file($file_path))
{
    
$file_mime = mime_content_type($file_path);
    
$filename = basename($file_path);
    
$filesize = filesize($file_path);
    
    
header('Pragma: public');
    
header('Expires: 0');
    
header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
    
header('Cache-Control: private', false);
    
header('Content-Type: '. $file_mime);
    
header('Content-Disposition: attachment; filename="'. $filename .'"');
    
header('Content-Transfer-Encoding: binary');
    
header('Content-Length: ' . $filesize);

    
readfile($file_path);
}
P.S. I never wrote this I got it from another forum (members name was maxymize)
Peter is offline  
Old 06-27-2006, 12:18 PM   #3 (permalink)
NamePros Member
 
Join Date: Oct 2005
Posts: 38
9.80 NP$ (Donate)

Scott2503 is an unknown quantity at this point


It worked.. thanks for posting it and thanks to maxymize for writing it.
Scott2503 is offline  
Closed Thread


Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On


Site Sponsors
Advertise your business at NamePros

All times are GMT -7. The time now is 04:27 PM.


Powered by: vBulletin® Copyright ©2000 - 2009, Jelsoft Enterprises Ltd.
Search Engine Friendly URLs by vBSEO 3.3.0
Template-Modifications by TMS
vBCredits v1.4 Copyright ©2007 - 2008, PixelFX Studios

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85