473,325 Members | 2,480 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 473,325 software developers and data experts.

Anybody know a script or method to achieve this? (authentication/access related)

I have been trying to find some kind of authentication method or
script (PHP/perl/javascript or other) to achieve the following, with
no luck.

Say there are 100 files at a site. A person can choose which file to
download from a list, and to do so has to enter a code or password.
When a valid code or password is used they are redirected to a page
with a direct link to download the file.

Once that code or password has been used to download that one file
(and the same code/password can be used to access any one of the 100
files), it is then expired/deleted/made invalid and can't be used
again to download any other file.

Does anybody know a method or script somewhere that can do this?

Thanks.

Jim

Jul 17 '05 #1
3 1508
Jim J <me@privacy.net> wrote:
I have been trying to find some kind of authentication method or
script (PHP/perl/javascript or other) to achieve the following, with
no luck.
Don't bother looking at JavaScript in traditional client-side
environments. JavaScript can be run on a server, but it's somewhat
rare. You're probably better off with one of the other languages.
Say there are 100 files at a site. A person can choose which file to
download from a list, and to do so has to enter a code or password.
When a valid code or password is used they are redirected to a page
with a direct link to download the file.

Once that code or password has been used to download that one file
(and the same code/password can be used to access any one of the 100
files), it is then expired/deleted/made invalid and can't be used
again to download any other file.

Does anybody know a method or script somewhere that can do this?


This is going to require server-side code, a database (relational or
otherwise), and some mechanism for giving out codes/passwords. It's
also a fairly specific and unusual requirement. This is probably beyond
anything you're going to find pre-written.

As far as writing it, this should be fairly trivial in any server-side
web environment. However, you haven't told us what you're having
problems with, so help will be difficult to come by.

--
www.designacourse.com
The Easiest Way To Train Anyone... Anywhere.

Chris Smith - Lead Software Developer/Technical Trainer
MindIQ Corporation
Jul 17 '05 #2
Jim J wrote:
Once that code or password has been used to download that one file
(and the same code/password can be used to access any one of the 100
files), it is then expired/deleted/made invalid and can't be used
again to download any other file.


How do you know the download went ok? I wouldn't waste to much effort in a
copy protection scheme (that is how it sounds)

What sounds better: give a code that makes it possible to download one file
during 24 hrs. So, as soon as you hand out the access code, you register it
in a database + current time. When a file link is clicked, you store the
name of the file unless the user/password combo has already something
assigned. If it's the same file, and within the 24hrs, allow it, otherwise
deny.

Every day you delete all entries that are older than 24 hrs.

You can use 2 stamps, one for moment of user/password creation, and one for
the first download attempt. You can do then something like: if combo older
than 3 days, delete it. If first download attempt was more then 8 hrs ago,
the combo no longer can be used.

--
John Small Perl scripts: http://johnbokma.com/perl/
Perl programmer available: http://castleamber.com/
Happy Customers: http://castleamber.com/testimonials.html

Jul 17 '05 #3


John Bokma wrote:
Jim J wrote:

Once that code or password has been used to download that one file
(and the same code/password can be used to access any one of the 100
files), it is then expired/deleted/made invalid and can't be used
again to download any other file.

How do you know the download went ok? I wouldn't waste to much effort in a
copy protection scheme (that is how it sounds)

What sounds better: give a code that makes it possible to download one file
during 24 hrs. So, as soon as you hand out the access code, you register it
in a database + current time. When a file link is clicked, you store the
name of the file unless the user/password combo has already something
assigned. If it's the same file, and within the 24hrs, allow it, otherwise
deny.

Every day you delete all entries that are older than 24 hrs.

You can use 2 stamps, one for moment of user/password creation, and one for
the first download attempt. You can do then something like: if combo older
than 3 days, delete it. If first download attempt was more then 8 hrs ago,
the combo no longer can be used.


I agree with everything John said. I would add that your script
should not deilver the content directly but rather perform an
internal redirect within the server so that the server will
cope with restartable download properly.

Jul 17 '05 #4

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

4
by: Bob | last post by:
Hello!!! I am programming a community website, with the usual stuff... some people must subscribe and become members, so they can log in and visit some pages and discuss between them, it's a...
8
by: Pete..... | last post by:
Hi all I am working on a log in script for my webpage. I have the username and the password stored in a PostgreSQL database. The first I do is I make a html form, where the user can type in his...
3
by: Jim J | last post by:
I have been trying to find some kind of authentication method or script (PHP/perl/javascript or other) to achieve the following, with no luck. Say there are 100 files at a site. A person can...
7
by: sunil philip | last post by:
How do i identify the page that fired a method? e.g. page1.html ----------- <Head> <script> document.write(myfun()); </script>
1
by: Joe | last post by:
Hi, I’m looking for a Registration / Join In script in either asp.net or asp. User will fill the form (First Name, Last Name, Email, Company, Phone, etc) and after submitting the form, an...
5
by: Jon Skeet [C# MVP] | last post by:
I've got a web service where different methods require different roles, and I'm trying to enforce that now. I've worked out *one* way of doing things, using PrincipalPermissionAttribute - but...
3
by: ATS | last post by:
HOWTO Post to a URL from Server Side ASP script. Please help, I'm trying to make a simple ASP page post to a URL on a seperate web site, and then get the returned HTML into a string which on...
4
by: webrod | last post by:
Hi, I am trying to secure a WS using WSE 3.0 and kerberos. I used the "WSE 3.0 settings" from VS2005 with my own WS. I have a console application which try to access a WS. With the...
1
by: rocksoft | last post by:
Hi, i have devloping web application in Asp.net and c#, i have used ajax to achieve the auto complete text box, my company using visual studio 2003, ajax auto complete text box...
0
by: DolphinDB | last post by:
Tired of spending countless mintues downsampling your data? Look no further! In this article, youll learn how to efficiently downsample 6.48 billion high-frequency records to 61 million...
0
by: ryjfgjl | last post by:
ExcelToDatabase: batch import excel into database automatically...
0
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 6 Mar 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM). In this month's session, we are pleased to welcome back...
1
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 6 Mar 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM). In this month's session, we are pleased to welcome back...
0
by: ArrayDB | last post by:
The error message I've encountered is; ERROR:root:Error generating model response: exception: access violation writing 0x0000000000005140, which seems to be indicative of an access violation...
1
by: PapaRatzi | last post by:
Hello, I am teaching myself MS Access forms design and Visual Basic. I've created a table to capture a list of Top 30 singles and forms to capture new entries. The final step is a form (unbound)...
0
by: af34tf | last post by:
Hi Guys, I have a domain whose name is BytesLimited.com, and I want to sell it. Does anyone know about platforms that allow me to list my domain in auction for free. Thank you
0
by: Faith0G | last post by:
I am starting a new it consulting business and it's been a while since I setup a new website. Is wordpress still the best web based software for hosting a 5 page website? The webpages will be...
0
isladogs
by: isladogs | last post by:
The next Access Europe User Group meeting will be on Wednesday 3 Apr 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM). In this session, we are pleased to welcome former...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.