Form guidance

bluto374

I have a form that requires a customer to fill out their information and hit a submit button. It then puts the information into a database. This is all working perfectly. What I want to happen is after it writes the info to the database, print free_ticket.pdf on the client sides default printer, but not show the url (to prevent someone from just typing in the url and open the file). Any suggestions?

sneakyimp

If free_ticket.pdf is in your public_html folder and you link directly to it, there is no way for you to really hide the url. Any script kiddie could find it by looking at the source html or using firebug or whatever.

The trick in preventing people from accessing files on your server without authorization is to store these files outside your web root (i.e., your public_html folder) and then using a php script to output them to the user. this php script should take care to make sure all your conditions for coughing up the free ticket are satisfied.

Once the file is delivered to the user's browser, you have no control over it any more. You cannot prevent them from doing with it whatever they please.

In theory, you could write a program that a user would need to install (either on their machine or as some kind of browser plugin or something) that would somehow locate available printers and choose one and so on, but this would be prohibitively difficult I imagine.

I think you should rethink the means by which you grant free tickets. Just sending a printable file doesn't sound particularly robust.