1. Home
  2. Forums Index
  3. Server Side / PHP Server Side Scripting 5:55 am Apr 28, 2026

Forum Moderators: coopster

Message Too Old, No Replies

How do I code it so that a file can only be downloaded once?

Using PHP to make sure only one customer can download a file

         

php_dave

12:58 am on May 31, 2011 (gmt 0)

10+ Year Member



'Ello, 'ello.

The answer to my question is probably very simple but if I have a website from which people download video clips for a fee how do I code it so that

a) The file can only be downloaded by someone with the correct password/key (obtained via succesful payment)
b) The file can only be downloaded for a short time period
c) The direct URL of the file is never revealed or the file cannot be downloaded directly, without a valid password/key

I'm not a novice when it comes to PHP and MySQL but I've not done this before and I can't work out how I'd do it, especially the bit to prevent people downloading a file directly, without a key.

Which of you fine people can help me in my predicament?

Note: Not that it matters but this isn't for a #*$! site.

rainborick

1:58 am on May 31, 2011 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



I would approach it something like this: When the user qualifies to download a file, your site could create a key/hash associated only with that file. The key/hash would be stored in a database that would include the hash, the true URL of the file, and a flag denoting whether or not the file had been downloaded by the user. The user is then presented with a link consisting of a URL that points to a script on your site that includes the hash in a query string parameter. When the user invokes the URL, the script checks the database to make sure that the download flag is clear. If the flag is set, the download is refused. If the flag is clear, the script sets it and then transmits the file to the user.

php_dave

2:24 pm on May 31, 2011 (gmt 0)

10+ Year Member



Thanks, Rainborick. I hadn't even thought of replacing the URL with a key. Would this hide the true URL of the file? Would there definitely be no point at which the person downloading the file could see or work out the file's URL? That's the part I don't understand; having a permanent URL for a file but never allowing it to be revealed.

rocknbil

3:43 pm on May 31, 2011 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



The way you'd do that part is

- store the files in some location off root or otherwise inaccessible via the web
- Alter your script so instead of outputting the URL, you open the file and print to the browser. (while (FILE) { print; } }

If the file has expired, you just print a message and exit. :-)
 

Join The Conversation

Moderators and Top Contributors

Hot Threads This Week

  1. Home
  2. Forums Index
  3. Server Side / PHP Server Side Scripting 5:55 am Apr 28, 2026