Knowledgebase

Portal Home > Knowledgebase > Articles Database > prevent direct file download but allow php download via htaccess


prevent direct file download but allow php download via htaccess




Posted by yohanesw, 01-17-2009, 02:58 PM
I'm planning to use whmcs product downloads capability to integrate my ebook product as a separate product that can be downloaded after the purchase. I've known some trick using the htaccess to prevent direct file access / file browsing for directory, in this case, the directory is "downloads" in the whmcs root. If i put that htaccess in the downloads folder, i can't access / direct download the file i've uploaded in the product downloads as i expected, but apparently this also affect the download link for user in whmcs. any idea how htaccess can block direct file access, but allow if downloaded via php link?
Posted by ZackN, 01-17-2009, 03:39 PM
Don't know about anything integrated into whmcs, but you can use php to read the file and output it to the browser. Here's a good example: w-shadow.com/blog/2007/08/12/how-to-force-file-download-with-php/
Posted by yohanesw, 01-17-2009, 03:53 PM
hi zack, whmcs already encode the link with php like this: http://www.domain.com/billing/dl.php?type=d&id=2 fyi, this is my htaccess file: # secure htaccess file order allow,deny deny from all Options All -Indexes RewriteEngine On RewriteCond %{HTTP_REFERER} !^http://(.+\.)?domain\.com/ [NC] RewriteCond %{HTTP_REFERER} !^$ RewriteRule .*\.(exe|zip)$ - [F] deny from all Options Indexes order deny,allow
Posted by code_iain, 01-18-2009, 03:15 PM
I'm not sure if this helps, as I don't know anything about whmcs, but it sounds like you want the file to be downloadable but not accessible unless you allow it. If you can't figure out the htaccess approach, could you do something like this: This way the file can be kept in a directory that isn't publicly accessible (in the example i chose an arbitrary lib directory), and you can set a variable in the session to determine whether someone has made a purchase or not to prevent someone from downloading the book without buying it.


Was this answer helpful?

Add to Favourites Add to Favourites    Print this Article Print this Article

Also Read
Simple C++ Question [Dynamic char allocation] (Views: 461)
Robot.txt question (Views: 488)
cloud communication (Views: 459)
GlusterFS experience and recommendations ? (Views: 489)
Tomcat Configure (Views: 447)

Language: