Re: Witango-Talk: Limiting Downloads

Thu, 07 Dec 2006 06:47:27 -0800

There are 2 ways. The download link hits a witango taf, which uses file read, to your image directory, and spits out the contents, as a file, this will hide the image directory from the users, and they must go through your taf to get the file. So they won't be able to enter the directory to download direct, cuz they won't know it.
The second, is the same, you just put the file in a database, and witango extracts it, and serves it. These are both the same solution, one uses a file read action, the other uses a db action. Neither allows the user to bypass, unless somehow you don't hide your image directory well enough. :-) So put your directory in a place where the witango service can see and read, but the http service cannot. 

--

Robert Garcia
President - BigHead Technology
VP Application Development - eventpix.com
13653 West Park Dr
Magalia, Ca 95954
ph: 530.645.4040 x222 fax: 530.645.4040
[EMAIL PROTECTED] - [EMAIL PROTECTED]
http://bighead.net/ - http://eventpix.com/

On Dec 7, 2006, at 6:24 AM, WebDude wrote:


Hey folks,

I got something I am trying to figure out the best way to do.


I am building a simple basket system in which advertisers can add  
images. After ordering, an email is sent to the corporate office  
and they, in turn, approve the images selected and then a link/ 
links is/are sent back to the advertiser to download the images. No  
Transactions involved. No ftp involved.



All the images need to stay in the same directory and all the  
advertisers know the name of the images. Is there or has anyone  
thought of a way to limit the download/link to the images to just  
the ones in the basket?


In other words, say we have this in the directory...

Image1.jpg
Image2.jpg
Image3.jpg


And one advertiser adds Image1.jpg into a basket and gets approval.  
He is sent a link to download ie... http://<path>imagedirectory/ 
Image1.jpg.



I need to figure out a way where that advertiser cannot just type  
in http://<path>imagedirectory/Image2.jpg and download that image.  
Remember, all the advertisers know the names of all the images.



There are way to many advertisers to use Windows authentication.  
All users have a password to login built in Witango. I've been  
messing around with virtual directories but was just wondering if  
there is a better solution.


Any good ideas out there?

Thanks!


WebDude



______________________________________________________________________ 
__

TO UNSUBSCRIBE: Go to http://www.witango.com/developer/maillist.taf



________________________________________________________________________
TO UNSUBSCRIBE: Go to http://www.witango.com/developer/maillist.taf





















					Reply via email to