Jump to content

  • Log In with Google      Sign In   
  • Create Account

We're offering banner ads on our site from just $5!

1. Details HERE. 2. GDNet+ Subscriptions HERE. 3. Ad upload HERE.


Providing a download link


Old topic!
Guest, the last post of this topic is over 60 days old and at this point you may not reply in this topic. If you wish to continue this conversation start a new topic.

  • You cannot reply to this topic
5 replies to this topic

#1 DarkRonin   Members   -  Reputation: 616

Like
1Likes
Like

Posted 04 March 2014 - 04:14 PM

Hi Guys,

 

I have made a site where members can register log on etc with php and a MySQL backend.

 

I want to be able to provide download links for certain files depending on what the user has rights to download.

 

In theory the user could click on the link and download the file - simple enough.

 

But, how do I stop the user from providing the link to other people so they can then simply place the link in the browser and download the file that they don't have access to?

 

The files will be in the form of 'zip' files.

 

Thanks in advance :)

 

 

 



Sponsor:

#2 Madhed   Crossbones+   -  Reputation: 3129

Like
5Likes
Like

Posted 04 March 2014 - 04:50 PM

You can use the php function readfile() to output file contents into the http response stream.

You would use this on a url that the user can only access when logged in.

You should also use header() to set the correct mime type and tell the browser to prompt the user to download the file (instead of opening it in the browser)

header("Content-type: application/octet-stream"); 
header("Content-disposition: attachment; filename=test.zip");  

Edited by Madhed, 04 March 2014 - 04:53 PM.


#3 DarkRonin   Members   -  Reputation: 616

Like
1Likes
Like

Posted 04 March 2014 - 08:22 PM

 

You can use the php function readfile() to output file contents into the http response stream.

You would use this on a url that the user can only access when logged in.

You should also use header() to set the correct mime type and tell the browser to prompt the user to download the file (instead of opening it in the browser)

header("Content-type: application/octet-stream"); 
header("Content-disposition: attachment; filename=test.zip");  

 

Thanks for the reply, Madhed

 

Ok, I think I see where you are coming from. I'll give your suggestions a try :)



#4 Orione   Members   -  Reputation: 142

Like
0Likes
Like

Posted 05 March 2014 - 03:12 AM

Just as a side fact the solution that has been provided will avoid copy-paste of your link.

Users could anyway download files they have rights to see then pass them to other users.

So you can not stop users from getting access to these files.

 

If files are intended to be used in following activities it would be much better to protect the "usage" of these files.



#5 BitMaster   Crossbones+   -  Reputation: 4421

Like
2Likes
Like

Posted 05 March 2014 - 04:01 AM

If files are intended to be used in following activities it would be much better to protect the "usage" of these files.


That implies implementing some kind of DRM. First, implementing even halfway working DRM is far from simple. Second, when it works it usually annoys your honest users more than any illegitimate users.

Nowadays I flat out refuse to buy DRM-protected software and sites like GoG do quiet good business to cater to my needs (which implies I'm not exactly alone in my dislike of DRM since there are far more convenient places to buy games if you don't care about the DRM state).
It should also be noted that they don't have a widespread problem with pirating of their DRM-free games. For example when The Witcher 2 was published (simultaneously DRM-free on GoG; as well as other channels, including a DRM-protected hard copy) there was a pirated version of it available within hours. The pirated version available was the cracked hard copy though. The DRM-free download version did not make it into any kind of widespread circulation.

Edited by BitMaster, 05 March 2014 - 04:01 AM.


#6 DarkRonin   Members   -  Reputation: 616

Like
1Likes
Like

Posted 05 March 2014 - 04:24 AM

Just as a side fact the solution that has been provided will avoid copy-paste of your link.
Users could anyway download files they have rights to see then pass them to other users.
So you can not stop users from getting access to these files.
 
If files are intended to be used in following activities it would be much better to protect the "usage" of these files.


In this case, I was thinking of having the file serial numbered internally (the files are actually DLL's that I have spent a lot of time creating, but are very valuable to the target audience). If a particular serial crops up all over the net, I can send a 'please explain' to the licensee or introduce a kill switch (or both).

Internally I can do a check to make sure the serial numbers are valid. So, the end user would be none the wiser and won't be nagged by any DRM things.

Obviously, all of this is a side issue in itself. The big challenge was to try and stop a copy/paste of the download URL.

Thanks so far for all oft he awesome suggestions. :)




Old topic!
Guest, the last post of this topic is over 60 days old and at this point you may not reply in this topic. If you wish to continue this conversation start a new topic.



PARTNERS