SitePoint Sponsor

User Tag List

Results 1 to 4 of 4
  1. #1
    SitePoint Addict Normal75's Avatar
    Join Date
    Oct 2001
    Location
    Vancouver, Canada
    Posts
    245
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    question about chmod, please help

    hi all,
    I have a login script that allow users to log in and download some zip files, however my problem is users can actually download the files via the broswer instead of login in, is there a way to prevent them from typing in a browser to download the files?

    For example, users can type in www.example.com/download/zipfile.zip to download a file instead of login a secure member area to click the link to download the file. Anyone has an idea what to do with this?


    thank you.
    ~It will come to me one day~

  2. #2
    SitePoint Addict LaughBlaster's Avatar
    Join Date
    Mar 2003
    Location
    C:\WINDOWS\Hell 2.0
    Posts
    213
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by Normal75
    hi all,
    I have a login script that allow users to log in and download some zip files, however my problem is users can actually download the files via the broswer instead of login in, is there a way to prevent them from typing in a browser to download the files?

    For example, users can type in www.example.com/download/zipfile.zip to download a file instead of login a secure member area to click the link to download the file. Anyone has an idea what to do with this?


    thank you.
    Add this to your .htaccess file (presuming you are on an apache machine)

    Code:
    RewriteEngine on
    RewriteCond %{HTTP_REFERER} !^http://yourdomain.com/.*$      [NC]
    RewriteCond %{HTTP_REFERER} !^http://www.yourdomain.com/.*$      [NC]
    RewriteRule .*\.(zip)$ http://www.yourdomain.com/nono.html [R,NC]
    Replace yourdomain.com with your actual domain and directory (but not the name of the actual file i.e. yourdomain.com/downloadfolder/ )

    Make a page that explains why they are redirected there, becuase they didn't log in, and name it whatever, then edit the last url (nono.html) to reflect the file name you saved your nono page to.
    Boredom is illegal, enjoy life while you can, Laugh a little
    |Jokes|e-creations®|
    clixGalore made me sad, see why.

  3. #3
    La la la la la bronze trophy lieut_data's Avatar
    Join Date
    Jun 2003
    Location
    Waterloo, ON
    Posts
    1,517
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Alternatively, see this thread.
    My name is Steve, and I'm a super-villian.

  4. #4
    SitePoint Addict Normal75's Avatar
    Join Date
    Oct 2001
    Location
    Vancouver, Canada
    Posts
    245
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    hi,
    thank you. I am on apache, but i couldn't find .htaccess file, where can i find it? Or can i just create one under file manager in Cpanel?

    Please reply, thanks
    ~It will come to me one day~


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •