Search

Hello!

I know the front-end members extension is still in its early stages (beta) but is there already a way to protect downloads? I want to prevent downloads by guessing/sharing the dl-link for not logged in users.

You can create a custom datasource that selects the file from the Section and either redirects you to the file (still be accessible for guests but URL can’t be found that easily anymore) or returns the headers and the content of the file itself (limits the maximum size of the file due to limited RAM, bandwith and execution time).

You then attach the DS to a page, let’s say /download/:param and protect it using the usual access control mechanisms Members provides.

Simple redirecting isn’t an option (a removed user has still access to files if he knows the links). Could you please explain the “headers and content” more (in detail)? I quite don’t understand it.

Thanks

Could you please explain the “headers and content” more (in detail)? I quite don’t understand it.

Take a look at the export ensemble extension, they’re doing that there. Look for multiple lines calling the header() function.

Thank you for the tip… will take a look at it!

Create an account or sign in to comment.

Symphony • Open Source XSLT CMS

Server Requirements

  • PHP 5.3-5.6 or 7.0-7.3
  • PHP's LibXML module, with the XSLT extension enabled (--with-xsl)
  • MySQL 5.5 or above
  • An Apache or Litespeed webserver
  • Apache's mod_rewrite module or equivalent

Compatible Hosts

Sign in

Login details