Security for downloading files

Results 1 to 2 of 2

Thread: Security for downloading files

  1. #1
    Join Date
    Dec 1969

    Default Security for downloading files

    Hi there,<BR><BR>I have a site which requires user to login before gaining access to a download page which lists all the downloads available. Currently I am using Session variables to keep track whether the user has logged in successfully. <BR><BR>My question is a user can actually download a file without logging in if the user knows the url to the file. How can i prevent that from happening?<BR><BR>Thank you :)

  2. #2
    Join Date
    Dec 1969

    Default RE: Security for downloading files

    Put the files into a directory that isn&#039;t accessible to the public.<BR><BR>Use an object like SA-FileUp to read the file into memory and then, setting the content-disposition headers, write it to the output buffer. You can protect the page that does this read & return of the file.<BR><BR>-Doug

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts