Start a session on the sign in page, and check for the session before
displaying the page with the link. The it does not matter if the link page
URL is distributed. In my situation;
1. Sign in page goes to a validation script.
2. Check for form fields. (1st of Nested loops)
        if (isset($formField)){//check for form.....
3. If form, validate user and start session
        $result = mysql_query("SELECT * FROM ok_users WHERE password =
$password AND user_ID = $user_ID");
        if (mysql_num_rows($result) < 1){// No user so exit
        if (mysql_num_rows($result) > 1){// Too many users (bad data) so
            else{       //valid user
                   // register the variables you need or want
4. redirect to page with download
           header ("Location: download.php");
//// must be in the session start snippet or get too many headers errors
            }//end start session code
          }//end check for multiple match
     }//end check for form (and other actions)
 else{//if no form.....
print ("You must login to access this page");
5. On download page check for session.
// ***********************************   session check*/
    if (!session_is_registered("SESSION")){
     print ("You must Log-In to access this page\n");
     print ("<a href='sign_in.php'>");
     print ("Click here to Log In");
////////body of page

Now if you access the download page directly, you only get a link to sign

Does this help?

----- Original Message -----
From: "Fargo Lee" <[EMAIL PROTECTED]>
Sent: Wednesday, June 12, 2002 4:14 PM
Subject: [PHP] How do I hide download link ...

> Hi, my customers go through a password authentication to access a link on
> site to download a file. I want to prevent the distribution of the
> of this file on my server by making it hidden. Is there any php
> that could assist in doing this?
> All I can think of so far is storing the original file in a hard to guess
> directory, when a authenticated customer goes to download it, send them to
> script that copys the original file to a temp directory, they download the
> file in the temp directory and then run a cron every so many minutes to
> clear out the files in the temp directory.
> If anyone has any ideas, examples or a way to improve on what I came up
> please respond. Thanks!
> --
> PHP General Mailing List (
> To unsubscribe, visit:

PHP General Mailing List (
To unsubscribe, visit:

Reply via email to