session_start();
if(!isset($_SESSION["did_pay"]))
{ header("Location: http://www.example.com/pay_first.php";); }
//show download code....Obviously you set $_SESSION['did_pay'] to a value once they, umm, pay. ---John Holmes... ----- Original Message ----- From: "Ron Stagg" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Wednesday, May 29, 2002 4:47 PM Subject: [PHP] ******************* Secure product download ******************* I am building a site where visitors can purchase and download software. To purchase a software product, the visitor must submit credit card info. Once the purchase has been approved, the user is given a link from which he/she may download the requested software. This link MUST only be accessible to those who have paid. I have tried a number of different and creative methods, but none give me the security I need. I don't want the user to be able bookmark the URL or email the URL to friends so that they can download the software as well. I am using PHP sessions combined with MySQL user accounts to authenticate users throughout the rest of the site. How can I get this to work for downloads? Is this even possible within the open realm of the browser? Have any of you solved a similar problem? I welcome any ideas. Ron Stagg -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
