i have something like this
def download():
download_id = request.args(0)
download = db.post(download_id)
if str(download) == "None":
redirect(URL(r=request,c="home",f="index"))
form = FORM("Download: " + str(download_id) ,INPUT(_type='submit',
_value="Download"))
form.insert(1,captcha)
if form.accepts(request.vars, session):
return redirect(URL(r=request,c='default',f='download/db',
args=download.file))
elif form.errors:
response.flash = T("Houston we have a problem")
return dict(form=form)
then this redirects to
def download():
return response.download(request,db)
and i get something like this
http://127.0.0.1:8000/init/default/download/db/post.file.998824c8547a4dd4.313239333035323337373332312e6a7067.jpg
catpcha fail in this case, i will be able to download from this URL
any idea how can i hide the downloads? =D
