Nitsan Bin-Nun wrote:
What do you mean by session variables?
I should register a new session and pass it along with the file to the PHP wrapper?

Yes - in the page that links to your downloads you can do something like


then in the wrapper -

if (isset($_SESSION['download'])) {
   } else {

the check the $allowed variable.

Only way the file will be sent is if they have been to your site that creates a session for them and sets the $_SESSION['download'] variable to TRUE.

You can check whatever you want from the session variables.

For some of my files, I check the userid in the session variable and make sure the user is allowed to download it. If they aren't, they get a 401 forbidden header and page.

PHP General Mailing List (
To unsubscribe, visit:

Reply via email to