download.php

ab4net

Hi,
i have created a force download script in the file: download.php
it is working fine ...
Mission: i want to allow only the logged members to use this file download.php and cant be used if not logged in ...
solution is: to check the session variables when he request the page
* Problem: if you used the header information in the session start comman, then you can use it again in the FORCE download headers commands !!

pelase do you have a better solution ..? which works in my case,
and thanks all in advance ....

jkurrle

You could define a security code to pass. Zero could be not logged in, One could be logged in. If logged in, the system checks the login ID to see if it is a valid ID. If so, display the page.

I'm not sure if this is what you are looking for, but I hope it helps.

ab4net

thanks ... but what i want,
is to chek the login session if available or not ...
by reading the session variables, and thats dowsent allow the page to continue !!

Weedpacket

ab4net wrote:
* Problem: if you used the header information in the session start comman, then you can use it again in the FORCE download headers commands !!

Could you explain this again, please? Because jkurrle's solution makes perfect sense to me and I don't see what's wrong with it. It could be made a little simpler:

if(!isset($_SESSION['loggedin'])) {
//... not logged in
}

But personally I don't understand the problem.

ab4net

yes, but beofre this you have to make a session_start();
correct .. ?
that means you already sent the header information ...
then you cant use the header information again (resend) by the download force commands .. ?
or iam wrong .. ?

Weedpacket

You are wrong.

ab4net

🙂
correct me please ...
and thanks in advance

Weedpacket

ab4net wrote:
yes, but beofre this you have to make a session_start();
correct .. ?

Correct.

that means you already sent the header information ...

No, setting headers does not send headers.

then you cant use the header information again (resend) by the download force commands .. ?

You can set more than one header.

or iam wrong .. ?

You are wrong.

Clearer now?

ab4net

ya thanks ...
🙂