How to make temporary link for a downloadable file

php cakephp cakephp-1.3
Vhanjan picture Vhanjan · Sep 25, 2012 · Viewed 16.5k times · Source

I am making a project for a temporary download link for me to protect the file from hotlinkers...

I believe that this is possible to do so.. because we all know that many of file sharing site "don't wanna mention any"... their link for the file has expiration...

Ex.

If I download one file from their site they give a direct link to click it right? but then that link will expire right after a few hours or minutes.

How should I know that the link was expired? If I copy the same link on my download manager after one day, it can't download the same file.

I already made this possible in htaccess.

Ex.

RewriteRule .*\.(rar|ZIP)$ http://domain.com [R,NC]

if they copy the direct link in the address bar of the browser they will be redirected in http://domain.com

But then if they copy the direct link on their download manager the file will be downloaded.

What if they post the link into any other site like forum website, blog, etc., and ask the reader to copy and paste the link into their download manager, so that they can download it directly.

This is the problem I want to prevent to protect my file. I am doing this on PHP but I can't figure it out...

Your help is very much appreciated.

Answer

Ben Graham picture Ben Graham · Sep 26, 2012

Link to something like /downloads/abb76b3acbd954a05bea357144d614b4, where abb... is a random string such as a salted hash of the current time. When you make this link for someone, store the random string in a database table. This table might look like:

+----+-------------+----------------------------------+---------------------+---------------------+
| id | filename    | token                            | created             | modified            |
+----+-------------+----------------------------------+---------------------+---------------------+
|  1 | image.jpg   | abb76b3acbd954a05bea357144d614b4 | 2012-03-26 19:36:41 | 2012-03-26 19:36:41 |
|  2 | program.exe | 19660d0f5e0ca3d42e1718de5d0a1d7e | 2012-08-29 11:07:58 | 2012-08-29 11:07:58 |
+----+-------------+----------------------------------+---------------------+---------------------+

When you get a request at /downloads/..., look up the random string and send back the correct file. If the created timestamp is too old, don't do so. Use a cronjob to clean out old table rows, or less ideally, do this every time someone makes a request to /downloads/....

Related questions

Set Response Status Code

I have an API call for which I need to be able to run some checks and potentially return various status codes. I don't need custom views or anything, I just need to return the proper code. If the user …

Read More
How to eliminate php5 Strict standards errors?

After upgrading my PHP to 5.4.3 (WAMP server 2.2), my web app made in CakePHP 1.3, is showing the following errors in my index: Strict standards: Redefining already defined constructor for class Object in C:...\cake\cake\libs\object.php on line 63 Strict …

Read More
Get and post in cakephp

In Codeigniter I do this $p=$this->input->post(); to get all objects posted but I don't know if there is something similar in cakephp to get all posted variables from a form ? I am writing a function …

Read More