Jenny, While this is not the *best* method as it is very CF processing intensive, but you could move the book PDF files out of the web root so that they cannot be access directly. Then you have a password protected page that streams the book to the user via CFContent:
<!--- Tell the user's browser to Save-As file. ---> <cfhead name="Content-Disposition" value="attachment; filename=BOOK_NAME.pdf" /> <!--- Stream book to the user. ---> <cfcontent type="application/pdf" file="#ExpandPath( '../../../#FILE_NAME#' )#" deletefile="no" /> This way, you can put the files outside of direct URL access and you can only allow users to have them via ColdFusion and your built-in security. The problem with this is that streaming the file requiers ColdFusion processing which means that the larger the book file, the longer the thread is removed from the general processing thread pool (I think). This might also get logged in your server logs as a long runniing task. I am not sure if CFContent can TimeOut... Hope that helps at all. ....................... Ben Nadel www.bennadel.com -----Original Message----- From: Jenny Gavin-Wear [mailto:[EMAIL PROTECTED] Sent: Friday, July 21, 2006 4:40 AM To: CF-Talk Subject: Book site - secure download? Hi all, Would appreciate some input on the best way to go about this. I'd like to make a book available for download once the customer has paid. The payment process I can take care of, a db table will get updated with payment confirmation when processed. The aim is to make the link to the book only available to those who have actually paid. The book will either be in PDF format or a Word doc, it's about 200 pages long, so not huge. Options I've considered are: *Emailing the entire book *Emailing a link to the download together with a randomized password stored against the email address for login. I recognise if people are going to be determined to rip it off they are going to find a way, I'd just like to make it as difficult as possible. Any ideas please? Jenny -- No virus found in this outgoing message. Checked by AVG Free Edition. Version: 7.1.394 / Virus Database: 268.10.3/394 - Release Date: 20/07/2006 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Introducing the Fusion Authority Quarterly Update. 80 pages of hard-hitting, up-to-date ColdFusion information by your peers, delivered to your door four times a year. http://www.fusionauthority.com/quarterly Archive: http://www.houseoffusion.com/cf_lists/message.cfm/forumid:4/messageid:247267 Subscription: http://www.houseoffusion.com/lists.cfm/link=s:4 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
