i think there's an option under the general admin config to turn off direct downloads. Then the links formed by things like <skin:buildlink> will be of the form: download.cfm?objectid=<objid>. You can then also write download.cfm to check security of files if you need to. I essentially did a duplicate of dmFile into dmSecureFile and then download.cfm checks the typename and permissions if it needs to before serving the file. I'm sure there's some way to trace from download.cfm to the file location, but I don't think people visiting my site would be that devious.
That was kinda rambling... sorry Tomek On Thu, Jun 11, 2009 at 1:19 PM, BazD <[email protected]> wrote: > > Hi > > Im creating a "members area" which requires a basic username and > password to log-in and access a page which will have links to various > downloable files. > > My question is, is it at all possible to some how hide the location of > the files when the link to download them is rolled over ? Reason being > is that I dont want people sending the URL of the downloads to non- > members etc. > > Thanks in advance > B > > > --~--~---------~--~----~------------~-------~--~----~ You received this message cos you are subscribed to "farcry-dev" Google group. To post, email: [email protected] To unsubscribe, email: [email protected] For more options: http://groups.google.com/group/farcry-dev -------------------------------- Follow us on Twitter: http://twitter.com/farcry -~----------~----~----~----~------~----~------~--~---
