Protecting the URL

Forum Moderators: open

Message Too Old, No Replies

Protecting the URL

w_s_o

1:50 am on Mar 6, 2006 (gmt 0)

We're writing an application to sell e-books online. When someone purchases the e-book, we'll send them a password used to download the book. The password will only be good for 24 hours.

My problem is, once they buy and gain access to the book, how can I stop them from seeing the URL to get direct access to the book? I don't want them to be able to send to people who have not purchased.

Is there a way I can force a download straight to their browser without showing the url of the document?

Thanks,
Tom

txbakers

11:52 am on Mar 6, 2006 (gmt 0)

perhaps you can hide it in a frame set.

vonragnor

9:24 pm on Mar 19, 2006 (gmt 0)

Puth the real path in a database, give the user a path with a random string. Let the 404 page look up the string in the database, and redirect user to the file.. On first use, record the ip address in the database and for the next 24 hrs only allow access again from the same ip address.

w_s_o

12:50 am on Mar 20, 2006 (gmt 0)

Thanks to everyone for their suggestions. I found out that ASPUpload, which is installed on the server, also has a function to download from the server, which protects the URL.

Thanks,
Tom