SitePoint Sponsor

User Tag List

Results 1 to 10 of 10
  1. #1
    SitePoint Enthusiast
    Join Date
    Aug 2005
    Posts
    38
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Protecting Downloads php way

    Hi,
    How can i allow downloads only from my domain name.If some one copied my download link It shouldnt download instead it should redirect to my domain.Is there any way to do that using php.Please help me iam lossing lot of bandwidth.

  2. #2
    SitePoint Wizard silver trophy
    Join Date
    Mar 2006
    Posts
    6,132
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    you could use sessions to verify that they have visited at least 1 page on your website before you allow them to download.

    just set a session variable on the page that would show the link to click. then before allowing them to download, make sure that session variable exists.

  3. #3
    SitePoint Enthusiast
    Join Date
    Aug 2005
    Posts
    38
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    thanks

    thanks for suggestion i will give try now.

  4. #4
    SitePoint Enthusiast
    Join Date
    Aug 2005
    Posts
    38
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    In page i gave like this
    PHP Code:
    //page
    <?
    session_start
    ();
    $_SESSION['checkIT'] = $_GET['cid'];
    ?>

    //In download.php
    <?
    session_start
    ();
    $checkaccess $_SESSION['checkIT'];


    if(
    $_SESSION['checkIT']==$checkaccess){
      
    // Download script
        
    }else{
     echo 
    "Download from IT";
    }
    ?>
    Some how its not working.Please check it.

  5. #5
    Non-Member Icheb's Avatar
    Join Date
    Mar 2003
    Location
    Germany
    Posts
    1,474
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by clamcrusher
    you could use sessions to verify that they have visited at least 1 page on your website before you allow them to download.

    just set a session variable on the page that would show the link to click. then before allowing them to download, make sure that session variable exists.
    That alone won't help, you also have to protect the actual link to the file.
    For this, you need a page, for example download.php4, which checks the session and then sends the file to the client through readfile().

    Quote Originally Posted by _rajesh_
    $checkaccess = $_SESSION['checkIT'];
    if($_SESSION['checkIT']==$checkaccess){
    I hope that's a typo.

  6. #6
    SitePoint Enthusiast
    Join Date
    Aug 2005
    Posts
    38
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I already done download script.My links are hidden.But other sites are copy my download link like http://xxxx.com/dl.php?cid=1.Now iam trying to restrict this dl.php to work only with my domain name.When others copied my link it should redirect to my site.Please suggest.

  7. #7
    Dinah-Moe Humm mudshark's Avatar
    Join Date
    Dec 2003
    Posts
    1,072
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Perhaps mod_rewrite is the easiest way? Something like this will display a "hotlink.gif" image on sites hotlinking images, but you could modify it to fit your download type:

    Code:
    RewriteEngine On
    RewriteCond %{HTTP_REFERER} !^$
    RewriteCond %{HTTP_REFERER} !mysite.com [NC]
    RewriteRule (jpg|gif|png)$ /img/hotlink.gif [L]

  8. #8
    SitePoint Enthusiast
    Join Date
    Aug 2005
    Posts
    38
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    session error

    Thanks mudshark,
    I need only php way.I think php is better than mod_rewrite as for my concern.

    When i used sessions.Iam getting error like

    Warning: Cannot modify header information - headers already sent by (output started at /home/indiantu/public_html/download.php:5) in /home/indiantu/public_html/download.php on line 75

    Warning: Cannot modify header information - headers already sent by (output started at /home/indiantu/public_html/download.php:5) in /home/indiantu/public_html/download.php on line 76

    Warning: Cannot modify header information - headers already sent by (output started at /home/indiantu/public_html/download.php:5) in /home/indiantu/public_html/download.php on line 77

    Warning: Cannot modify header information - headers already sent by (output started at /home/indiantu/public_html/download.php:5) in /home/indiantu/public_html/download.php on line 78
    ......

    here is my code.

    PHP Code:
    // song.php
    <?php
    session_start
    ();
    $_SESSION['songid'] = ITalloweD;
    ?> 

    <a href=download.php?cid=1">Download</a>

    //In download.php
    <? 
    session_start
    ();
    $ids=$_SESSION['songid'];
    echo 
    $ids;
    if(
    $_SESSION['songid']==ITalloweD)
    {
      
    // Download script
        
    }
      else
    {
    echo 
    "Download from IT";
    }
    ?>
    this worked perfectly in my system.but when i upload in to server iam getting this error.what i need to do to fix this problem.please suggest me.

  9. #9
    Non-Member Icheb's Avatar
    Join Date
    Mar 2003
    Location
    Germany
    Posts
    1,474
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    The error is actually pretty easy to understand . So as long as you don't post the full script we can't help you.

  10. #10
    SitePoint Enthusiast
    Join Date
    Apr 2005
    Posts
    59
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    if($_SESSION['songid']=="ITalloweD")


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •