[nycphp-talk] protecting download directory in PHP app on Unix box?
Kristina Anderson
ka at kacomputerconsulting.com
Wed May 28 11:25:21 EDT 2008
This might be off topic as well...but I have a PHP app that submits to
Paypal and then on the "thank you" page, I provide a link to a PDF that
they bought.
The server is Unix based, and before submitting the sale, I collect
various information about the user, and then when the transaction is
complete, I get a unique transaction ID from Paypal.
What's the easiest, quickest way to provide some level of complexity to
the downloads so that people can't just go back into the directory and
download every PDF without paying? It doesn't have to be 100% secure
but should be secure enough to keep out "most" people.
I've been looking into .htaccess but wondering if that's overkill and
there isn't some way to authenticate against my DB information before
allowing the download?
-- Kristina
More information about the talk
mailing list