Posted by ZeldorBlat on 12/05/06 13:25
mpar612 wrote:
> ZeldorBlat, that worked great. Thank you!
>
> I'm relatively new to all of this. For scrubbing the data, I added a
> unique id to each row of the db table. This is auto incremented each
> time a new row is added. So rather than sending the path and name of
> the file through the URL, I am just sending the unique id. Is this
> acceptable for security purposes?
>
> Thanks again!
That's better -- it would only allow people to download the file if it
appears in a row in the database. But it doesn't, however, prevent me
from getting a file that only you should see. If all the files are
supposed to be accessible to everyone then that's fine -- but it
doesn't provide any sort of per-user authorization.
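
The gap described in this reply, as an added example that is not part of the original thread: an id-only lookup beside one that also requires the row to belong to the logged-in user. Python with SQLite is used for illustration only; the `files` table, its `owner_id` column, the sample rows and all function names are assumptions, not the poster's schema or code.

```python
import sqlite3

def make_db():
    """Constructed sample data: auto-incremented id plus an owner column (assumed)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE files (id INTEGER PRIMARY KEY AUTOINCREMENT, "
                 "owner_id INTEGER NOT NULL, path TEXT NOT NULL)")
    conn.executemany("INSERT INTO files (owner_id, path) VALUES (?, ?)",
                     [(1, "/srv/uploads/alice-report.pdf"),
                      (2, "/srv/uploads/bob-invoice.pdf")])
    return conn

def parse_id(raw):
    """Accept only a short, plain decimal integer from the request parameter."""
    if isinstance(raw, str) and raw.isascii() and raw.isdigit() and len(raw) <= 18:
        return int(raw)
    return None

def lookup_by_id_only(conn, raw_id):
    """The scheme from the thread: any id that exists in the table is served."""
    file_id = parse_id(raw_id)
    if file_id is None:
        return None
    row = conn.execute("SELECT path FROM files WHERE id = ?",
                       (file_id,)).fetchone()
    return row[0] if row else None

def lookup_for_user(conn, raw_id, session_user_id):
    """Same lookup, but the row must also belong to the logged-in user.

    session_user_id must come from the server-side session, never from the URL.
    """
    file_id = parse_id(raw_id)
    if file_id is None or session_user_id is None:
        return None
    row = conn.execute("SELECT path FROM files WHERE id = ? AND owner_id = ?",
                       (file_id, session_user_id)).fetchone()
    # Missing rows and other users' rows give the same "not found" answer,
    # so the response does not reveal which ids exist.
    return row[0] if row else None

if __name__ == "__main__":
    db = make_db()
    print(lookup_by_id_only(db, "2"))   # id-only: served to whoever asks
    print(lookup_for_user(db, "2", 1))  # user 1 asking for user 2's file
    print(lookup_for_user(db, "2", 2))  # the owner asking for their own file
```
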