How to make a temporary link for a download file

Question

How to make a temporary link for a download file

I am creating a project for a temporary download link to protect the file from hotlinkers ...

I believe that this is possible ... because we all know that many sites for file sharing "do not want to mention them" ... their link to the file has an expiration date ...

Ref.

If I download one file from my site, does it give a direct link to click on it correctly? but then this link expires immediately after a few hours or minutes.

How do I know the link has expired? If I copy the same link in the download manager after one day, it cannot load the same file.

I have already made this possible in htaccess .

Ref.

 RewriteRule .*\.(rar|ZIP)$ http://domain.com [R,NC]

if they copy the direct link in the address bar of the browser, they will be redirected to http://domain.com

But if they copy the direct link in the download manager, the file will be downloaded.

What if they post a link to any other site, such as a forum, blog, etc. and ask the reader to copy and paste the link into their download manager so that they can download it directly.

This is a problem that I want to prevent to protect my file. I am doing this in PHP, but I cannot figure it out ...

Your help is greatly appreciated.

+8

php cakephp cakephp-1.3

Vhanjan 25 sept. '12 at 11:04

source share

5 answers

A link to something like /downloads/abb76b3acbd954a05bea357144d614b4 , where abb ... is a random string, such as the salted hash of the current time. When you make this link for someone, save a random row in the database table. This table might look like this:

 +----+-------------+----------------------------------+---------------------+---------------------+ | id | filename | token | created | modified | +----+-------------+----------------------------------+---------------------+---------------------+ | 1 | image.jpg | abb76b3acbd954a05bea357144d614b4 | 2012-03-26 19:36:41 | 2012-03-26 19:36:41 | | 2 | program.exe | 19660d0f5e0ca3d42e1718de5d0a1d7e | 2012-08-29 11:07:58 | 2012-08-29 11:07:58 | +----+-------------+----------------------------------+---------------------+---------------------+

When you get the request in /downloads/... , find a random line and send the correct file. If the created timestamp is too old, do not do this. Use a cronjob to clear old table rows or, less ideally, do this every time someone makes a request /downloads/...

+21

Ben graham Sep 26 '12 at 1:34

source share

The solution that comes to my mind is as follows: If you have a table that represents a file and, for example, FileModel, you can save there the file name, some details, size, and also the file path in your file system and unique , which may be the result of md5 from some of the data that you choose for it is based on some files, for example:

 $data[FileModel]['unique'] = md5(time() . $data[FileModel]['file']);

Each time before allowing someone to upload a file, you check to see if your table has such a unique value, if you allowed someone to upload it using the ur downloadFile method created in FileModel, but before that you create a new unique one way to prevent downloads

 $data[FileModel]['unique'] = md5(time() . $data[$this -> name]['file']); $this -> FileModel-> save($data[$this -> name]); $this -> FileModel -> downloadFile($data[$this -> name]);

If the ur database does not have such a unique value, you simply display an error about the timeout for the user link

 $this -> setFlashError('link expired');

Here I pase for you an example prototype action with which you can start from your controller:

 function download($file_data = ''){ $data = $this->FileModel->find('first', array('conditions' => array('FileModel.unique' => $file), 'fields' => array('*'))); if(!is_array($data[FileModel])) $this -> setFlashError('link expired'); else { $data[FileModel]['unique'] = md5(time() . $data[$this -> name]['file']); $this -> FileModel-> save($data[$this -> name]); if(!$this -> FileModel -> downloadFile($data[$this -> name])) { $this -> setFlashError('error')); } } }

You can also create a datetime field, where you can add, for example, 1 day to the current date and check the time remaining before loading has expired.

0

scx 25 sept. '12 at 13:04

source share

the one I found:

 header('Content-Type: application/force-download'); $filee = "your_file.txt"; $filesLocation = dirname(__file__).'/the_sub_folder_for_the_file/'.$filee; header('Content-Length:' . filesize($filesLocation)); header("Content-Disposition: inline; filename=\"".$filee."\""); $filesPointer = fopen($filesLocation,"rb"); fpassthru($filesPointer);

0

T.Todua Jun 25 '13 at 17:04

source share

I know this old question, but I have a way to upload a file only once without using a database, quick way :)

 if( isset($_GET['file']) && file_exists($_GET['file']) ) { $oldName = $_GET['file']; $newName = md5(time()).".txt"; if( rename($oldName, $newName) ) { // rename file to download just once downloadFile( $newName ); // download file function } else { echo 'this file is not exist'; } }

0

Mahmoud.ryan Mar 16 '17 at 18:57

source share

StaticVariable · Accepted Answer · 2012-09-25T11:10:09+0000

Use some code like this

  $path="uploads/"; $actualfilename=$path.$filename; $fakefilename="downloadfile.pdf"; if($typeofview=="download") { @readfile($actualfilename); header('Content-type: application/pdf'); header('Content-Disposition: attachment; filename="' . $fakefilename . '"'); header('Content-Transfer-Encoding: binary'); header('Content-Length: ' . filesize($actualfilename)); header('Accept-Ranges: bytes'); exit;

add this to your .htaccess file

 RewriteEngine On RewriteCond %{REQUEST_FILENAME} !-f RewriteRule fakefile.php(.*)$ orignalfile.php?$1 [L,QSA]

How to make a temporary link for a download file

More articles: