Download files from server

hexguy

Hi,
I've got a problem and hence would require your help to solve it.Well I am doing a website that allows registered users to download files.The files can be of any type(exe,zip,txt etc).The users will have to pay to download these files.Once they pay they would be sent the username and password to access it and the url.So he would have to go to the url(as specified in the email)and enter the username and password(this is randomly created exclusively for this download).After that he will be shown a link for downloading the file.eg www.aaa.com/downloads/a12122.zip.Now the problem with this is that I want this to be very secure .He should not be able to download the file by entering www.aaa.com/downloads/a12122.zip in the browser.I've heard that this is possible using http authentication.is it possible.?In that case if i give him a link in my page (after login)for the file www.aaa.com/downloads/a12122.zip will he be asked to enter his username and password(http authentication)again?Please give me suggestions.
Thanx,
Thomas

planetsim

Well i suggest letting the person login. From that have a small pop up window saying your download will commence in a little while or something

Then from there use header("");

Now you would need something in the url from the email for this to actually happen. IF you want the user to only be able to download this once. Use a cookie as well as maybe taking the IP.

hexguy

Well the file which I redirecting the user to using header() could also be got by typing it in the address bar.Am I right?
Regards,
hexguy

terrabull

Hello!

You could also store all your files in a place
where they cannot be accessed through the browser, ie /home/myfiles, and then use php to output the files to a browser.

So you can do authentication using a php script, and then if you accept the user you could
do the following:

(if you use windows you will have to find another
way..)

passthru("cat /home/myfiles/file.exe");

Before this statement you should probably also
send the right headers, but it should work without any headers... ?

I think
header("Content-Type: application/octet-stream");

but I'm not sure..

bye!!

planetsim

No i said to open a new window in like a pop up window with no address bar..