7 Years
Discussion Span
Last Post by sudeepjd

You have not specified as to what backend your using. I'm assuming your using PHP (this is the PHP forum) and the data which the user is entering is being stored in a mySQL DB (or any other). There is a simple way to do this if this is the case.

1. When a user is filling up a form, his information is being populated in a table with probably his e-mail address as the primary key (This key can also be an auto gen number). At the same time enter a timestamp mktime() to get the from date i.e., the date one which the link will be acive.

2. Create a token. This token can be created with an md5 hash, maybe of the mktime() function or of the e-mail address $str=md5(mktime()) and store this in the DB as well in the same record as the user.

3. The link which you would then send to the user would be a link with his e-mail address (primary key in table) and the token generated in step 2. http://mydownloadaddress.com?id=<email>&tok=<tok> 4. When the user clicks on the link it would take him to a download page which would validate the token and the e-mail address combination and present him the link to download. This would be similar to a login form validation except that the username and password are got from the url using $_GET['id'] & $_GET['tok'] .

5. To prevent a manual download from the site with the direct link, use a .htaccess file with mod_rewrite and the following code

RewriteEngine On
RewriteCond %{HTTP_REFERER} !^http://(.+\.)?mydownloadaddress\.com [NC]
RewriteRule .*\.(pdf|doc)$ - [F]

Replace the mydownloadaddress.com with your site. This would prevent any downloads by directly entering the url into the address bar. It is done by checking the referer and only allows requests coming from within the site.

I hope this helps. Good Luck!

This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.