473,218 Members | 1,683 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 473,218 software developers and data experts.

Anybody know a script or method to achieve this? (authentication/access related)

I have been trying to find some kind of authentication method or
script (PHP/perl/javascript or other) to achieve the following, with
no luck.

Say there are 100 files at a site. A person can choose which file to
download from a list, and to do so has to enter a code or password.
When a valid code or password is used they are redirected to a page
with a direct link to download the file.

Once that code or password has been used to download that one file
(and the same code/password can be used to access any one of the 100
files), it is then expired/deleted/made invalid and can't be used
again to download any other file.

Does anybody know a method or script somewhere that can do this?

Thanks.

Jim

Jul 17 '05 #1
3 1502
Jim J <me@privacy.net> wrote:
I have been trying to find some kind of authentication method or
script (PHP/perl/javascript or other) to achieve the following, with
no luck.
Don't bother looking at JavaScript in traditional client-side
environments. JavaScript can be run on a server, but it's somewhat
rare. You're probably better off with one of the other languages.
Say there are 100 files at a site. A person can choose which file to
download from a list, and to do so has to enter a code or password.
When a valid code or password is used they are redirected to a page
with a direct link to download the file.

Once that code or password has been used to download that one file
(and the same code/password can be used to access any one of the 100
files), it is then expired/deleted/made invalid and can't be used
again to download any other file.

Does anybody know a method or script somewhere that can do this?


This is going to require server-side code, a database (relational or
otherwise), and some mechanism for giving out codes/passwords. It's
also a fairly specific and unusual requirement. This is probably beyond
anything you're going to find pre-written.

As far as writing it, this should be fairly trivial in any server-side
web environment. However, you haven't told us what you're having
problems with, so help will be difficult to come by.

--
www.designacourse.com
The Easiest Way To Train Anyone... Anywhere.

Chris Smith - Lead Software Developer/Technical Trainer
MindIQ Corporation
Jul 17 '05 #2
Jim J wrote:
Once that code or password has been used to download that one file
(and the same code/password can be used to access any one of the 100
files), it is then expired/deleted/made invalid and can't be used
again to download any other file.


How do you know the download went ok? I wouldn't waste to much effort in a
copy protection scheme (that is how it sounds)

What sounds better: give a code that makes it possible to download one file
during 24 hrs. So, as soon as you hand out the access code, you register it
in a database + current time. When a file link is clicked, you store the
name of the file unless the user/password combo has already something
assigned. If it's the same file, and within the 24hrs, allow it, otherwise
deny.

Every day you delete all entries that are older than 24 hrs.

You can use 2 stamps, one for moment of user/password creation, and one for
the first download attempt. You can do then something like: if combo older
than 3 days, delete it. If first download attempt was more then 8 hrs ago,
the combo no longer can be used.

--
John Small Perl scripts: http://johnbokma.com/perl/
Perl programmer available: http://castleamber.com/
Happy Customers: http://castleamber.com/testimonials.html

Jul 17 '05 #3


John Bokma wrote:
Jim J wrote:

Once that code or password has been used to download that one file
(and the same code/password can be used to access any one of the 100
files), it is then expired/deleted/made invalid and can't be used
again to download any other file.

How do you know the download went ok? I wouldn't waste to much effort in a
copy protection scheme (that is how it sounds)

What sounds better: give a code that makes it possible to download one file
during 24 hrs. So, as soon as you hand out the access code, you register it
in a database + current time. When a file link is clicked, you store the
name of the file unless the user/password combo has already something
assigned. If it's the same file, and within the 24hrs, allow it, otherwise
deny.

Every day you delete all entries that are older than 24 hrs.

You can use 2 stamps, one for moment of user/password creation, and one for
the first download attempt. You can do then something like: if combo older
than 3 days, delete it. If first download attempt was more then 8 hrs ago,
the combo no longer can be used.


I agree with everything John said. I would add that your script
should not deilver the content directly but rather perform an
internal redirect within the server so that the server will
cope with restartable download properly.

Jul 17 '05 #4

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

4
by: Bob | last post by:
Hello!!! I am programming a community website, with the usual stuff... some people must subscribe and become members, so they can log in and visit some pages and discuss between them, it's a...
8
by: Pete..... | last post by:
Hi all I am working on a log in script for my webpage. I have the username and the password stored in a PostgreSQL database. The first I do is I make a html form, where the user can type in his...
3
by: Jim J | last post by:
I have been trying to find some kind of authentication method or script (PHP/perl/javascript or other) to achieve the following, with no luck. Say there are 100 files at a site. A person can...
7
by: sunil philip | last post by:
How do i identify the page that fired a method? e.g. page1.html ----------- <Head> <script> document.write(myfun()); </script>
1
by: Joe | last post by:
Hi, I’m looking for a Registration / Join In script in either asp.net or asp. User will fill the form (First Name, Last Name, Email, Company, Phone, etc) and after submitting the form, an...
5
by: Jon Skeet [C# MVP] | last post by:
I've got a web service where different methods require different roles, and I'm trying to enforce that now. I've worked out *one* way of doing things, using PrincipalPermissionAttribute - but...
3
by: ATS | last post by:
HOWTO Post to a URL from Server Side ASP script. Please help, I'm trying to make a simple ASP page post to a URL on a seperate web site, and then get the returned HTML into a string which on...
4
by: webrod | last post by:
Hi, I am trying to secure a WS using WSE 3.0 and kerberos. I used the "WSE 3.0 settings" from VS2005 with my own WS. I have a console application which try to access a WS. With the...
1
by: rocksoft | last post by:
Hi, i have devloping web application in Asp.net and c#, i have used ajax to achieve the auto complete text box, my company using visual studio 2003, ajax auto complete text box...
1
isladogs
by: isladogs | last post by:
The next online meeting of the Access Europe User Group will be on Wednesday 6 Dec 2023 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM). In this month's session, Mike...
0
by: veera ravala | last post by:
ServiceNow is a powerful cloud-based platform that offers a wide range of services to help organizations manage their workflows, operations, and IT services more efficiently. At its core, ServiceNow...
0
by: VivesProcSPL | last post by:
Obviously, one of the original purposes of SQL is to make data query processing easy. The language uses many English-like terms and syntax in an effort to make it easy to learn, particularly for...
3
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 3 Jan 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM). For other local times, please check World Time Buddy In...
2
by: jimatqsi | last post by:
The boss wants the word "CONFIDENTIAL" overlaying certain reports. He wants it large, slanted across the page, on every page, very light gray, outlined letters, not block letters. I thought Word Art...
0
by: stefan129 | last post by:
Hey forum members, I'm exploring options for SSL certificates for multiple domains. Has anyone had experience with multi-domain SSL certificates? Any recommendations on reliable providers or specific...
0
Git
by: egorbl4 | last post by:
Скачал я git, хотел начать настройку, а там вылезло вот это Что это? Что мне с этим делать? ...
1
by: davi5007 | last post by:
Hi, Basically, I am trying to automate a field named TraceabilityNo into a web page from an access form. I've got the serial held in the variable strSearchString. How can I get this into the...
0
by: MeoLessi9 | last post by:
I have VirtualBox installed on Windows 11 and now I would like to install Kali on a virtual machine. However, on the official website, I see two options: "Installer images" and "Virtual machines"....

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.