[thelist] CF: Cloaking directories for file downloads?
Judah McAuley
judah at wiredotter.com
Fri Jul 21 12:56:54 CDT 2006
Store the file in a non-web accessible directory. For each unique url,
store the random number, file name and account info in a db table. Have
the url be parsed as a forward slash delimited list to get the number
and filename out as variables. Then check the session id, number in the
url and file name against the db table. If it matches, use CFContent to
grab the file and send it back to the browser with the proper mime type.
Then mark the file in the db as having been downloaded (if it's a one
time download).
If you have any questions on the particulars of that process, feel free
to email me.
Judah
Frank wrote:
> I saw that a sofware vendor had used a scheme like this in order for the
> user to download a file, but that the URL was good for only one time
>
> http://www.domain.com/RaNdOmNuMbEr/filename.exe
>
> I'm currently implementing a PayPal/file download solution, and I'd like to
> be able to do something like this. Other than creating a new directory,
> copying the file over, downloading it then deleting the file, then
> directory per transaction, can someone suggest how I might do this?
>
> The idea is to have be able to hide the true location of a file so that the
> user doesn't start distributing the URL among all of their friends. It's
> just a simple security measure.
>
> Suggestions, anyone?
>
>
> Frank Marion lists at frankmarion.com Keep the signal high.
>
>
>
More information about the thelist
mailing list