Forum Moderators: coopster
And I want only paid users can download this file. So my question is, how to hide this file from paid user to prevent them from sharing this URL with other unpaid users.
For example, I can send header to the file's location:
Source code of http ://www.domain.com/download.php<?
Header("Location: http ://www.domain.com/file/file.zip");
?>
2004-10-07 11:29:39.101 GET /download.php HTTP/1.1
2004-10-07 11:29:39.101 Host: www.domain.com
...
2004-10-07 11:29:39.812 HTTP/1.1 302 Found
2004-10-07 11:29:39.812 Location: http ://www.domain.com/file/file.zip
...
2004-10-07 11:29:39.812 Start Receiving Data!
So, is there a way to hide the real file location?
Btw, don't worry about that the paid users give out http ://www.domain.com/download.php because the real download.php URL is like this: http ://www.domain.com/download.php?id=the_customers_unique_id
1. Customer requests file.zip
2. copy the original file.zip to the_customers_unique_id.zip
3. serve them the renamed file
4. delete the file
another thought is to keep the real files outside of the root and copy them into the web root in some random folder on request.
<?
$content_len=@filesize("file.zip");
Header("Content-type: application/zip");
Header("Content-type: octet-stream");
Header('Content-Disposition: attachment; filename="file.zip"');
if($content_len!=FALSE)
{
Header("Content-length: $content_len");
}
readfile("file.zip");
?>
