[nycphp-talk] protecting download directory in PHP app on Unix box?
Kristina Anderson
ka at kacomputerconsulting.com
Wed May 28 11:47:25 EDT 2008
the string I get back from Paypal doesn't have that email address...
just transaction id, "completed", amount & item number.
> Or just email the purchasers email address (obtained through paypal)
the
> .pdf.
>
> - Ben
>
> Kristina Anderson wrote:
> > This might be off topic as well...but I have a PHP app that submits
to
> > Paypal and then on the "thank you" page, I provide a link to a PDF
that
> > they bought.
> >
> > The server is Unix based, and before submitting the sale, I collect
> > various information about the user, and then when the transaction
is
> > complete, I get a unique transaction ID from Paypal.
> >
> > What's the easiest, quickest way to provide some level of
complexity to
> > the downloads so that people can't just go back into the directory
and
> > download every PDF without paying? It doesn't have to be 100%
secure
> > but should be secure enough to keep out "most" people.
> >
> > I've been looking into .htaccess but wondering if that's overkill
and
> > there isn't some way to authenticate against my DB information
before
> > allowing the download?
> >
> > -- Kristina
> > _______________________________________________
> > New York PHP Community Talk Mailing List
> > http://lists.nyphp.org/mailman/listinfo/talk
> >
> > NYPHPCon 2006 Presentations Online
> > http://www.nyphpcon.com
> >
> > Show Your Participation in New York PHP
> > http://www.nyphp.org/show_participation.php
> >
> >
> _______________________________________________
> New York PHP Community Talk Mailing List
> http://lists.nyphp.org/mailman/listinfo/talk
>
> NYPHPCon 2006 Presentations Online
> http://www.nyphpcon.com
>
> Show Your Participation in New York PHP
> http://www.nyphp.org/show_participation.php
>
>
More information about the talk
mailing list