Open your browser, right click and hit properties on any page. ----- Original Message ----- From: "Brian McGarvie" <[EMAIL PROTECTED]> To: "Nathan Taylor" <[EMAIL PROTECTED]>; "Bret L Conard" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]> Sent: Tuesday, June 18, 2002 6:46 AM Subject: RE: [PHP] How do I hide download link ...
if you want to hide it fromthe browser you cound do: <a href=# onclick="javascript:document.location='sign_in.php'">click here</a> or you could over write the status text: <a href="sign_in.php" onMouseOver="window.status='Some text...'; return true;">click here</a> or a combination... Also note... this has/had nowt to do with _PHP_ :) > -----Original Message----- > From: Nathan Taylor [mailto:[EMAIL PROTECTED]] > Sent: 18 June 2002 11:33 AM > To: Bret L Conard; [EMAIL PROTECTED] > Subject: Re: [PHP] How do I hide download link ... > > > > if (!session_is_registered("SESSION")){ > > print ("You must Log-In to access this page\n"); > > print ("<a href='sign_in.php'>"); > > print ("Click here to Log In"); > > } > > print ("<a href='sign_in.php'>"); > > should be: > > print("<a href='sign_in.php'>Sign-in</a>"); // or something > like that > > > But anyways, I don't think that's quite what he wanted. I > think the idea is > to protect the link to a file so only special users can see > it. Sure this > code with protect the page from being viewed, but, > download.php or whatever, > if it is protected it still points to a physical file. If a > user for some > reason desires to leak the actual link then there could be a > problem. This > is why he probably should change the physical file data. > > ----- Original Message ----- > From: "Bret L Conard" <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]> > Sent: Tuesday, June 18, 2002 6:22 AM > Subject: Re: [PHP] How do I hide download link ... > > > > Start a session on the sign in page, and check for the > session before > > displaying the page with the link. The it does not matter > if the link page > > URL is distributed. In my situation; > > 1. Sign in page goes to a validation script. > > 2. Check for form fields. (1st of Nested loops) > > if (isset($formField)){//check for form..... > > 3. If form, validate user and start session > > $result = mysql_query("SELECT * FROM ok_users WHERE > password = > > $password AND user_ID = $user_ID"); > > if (mysql_num_rows($result) < 1){// No user so exit > > if (mysql_num_rows($result) > 1){// Too many users > (bad data) so > > exit > > else{ //valid user > > session_start(); > > // register the variables you need or want > > session_register("SESSION");. > > 4. redirect to page with download > > header ("Location: download.php"); > > //// must be in the session start snippet or get too many > headers errors > > ///// > > }//end start session code > > }//end check for multiple match > > }//end check for form (and other actions) > > else{//if no form..... > > print ("You must login to access this page"); > > } > > 5. On download page check for session. > > <?php > > session_start(); > > // *********************************** session check*/ > > if (!session_is_registered("SESSION")){ > > print ("You must Log-In to access this page\n"); > > print ("<a href='sign_in.php'>"); > > print ("Click here to Log In"); > > } > > else{ > > ////////body of page > > } > > > > Now if you access the download page directly, you only get > a link to sign > > in........... > > > > Does this help? > > Bret > > > > > > ----- Original Message ----- > > From: "Fargo Lee" <[EMAIL PROTECTED]> > > To: <[EMAIL PROTECTED]> > > Sent: Wednesday, June 12, 2002 4:14 PM > > Subject: [PHP] How do I hide download link ... > > > > > > > Hi, my customers go through a password authentication to > access a link > on > > my > > > site to download a file. I want to prevent the distribution of the > > location > > > of this file on my server by making it hidden. Is there any php > > function(s) > > > that could assist in doing this? > > > > > > All I can think of so far is storing the original file in > a hard to > guess > > > directory, when a authenticated customer goes to download > it, send them > to > > a > > > script that copys the original file to a temp directory, > they download > the > > > file in the temp directory and then run a cron every so > many minutes to > > > clear out the files in the temp directory. > > > > > > If anyone has any ideas, examples or a way to improve on > what I came up > > with > > > please respond. Thanks! > > > > > > > > > > > > -- > > > PHP General Mailing List (http://www.php.net/) > > > To unsubscribe, visit: http://www.php.net/unsub.php > > > > > > > > > > > > -- > > PHP General Mailing List (http://www.php.net/) > > To unsubscribe, visit: http://www.php.net/unsub.php > > > > > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
