* Thus wrote Boaz Yahav ([EMAIL PROTECTED]):
>
> I thought of using a download function that uses headers and readfile()
> or fread(). This way i can
> check who is the user and send / not send the file. However, this does
> not seem to work with
> such big files.
you most likely are running into the script timeout when people
are downloading the file. I would in this case, use fread so you
can do some checking in between sends and if bandwidth becomes a
problem you can do some bandwidth throttling:
set_timelimit(0);
while (! feof() {
if (connection_aborted() ) {
break; // no need to send the data now.
}
fread();
print $data;
}
>
> Another idea is to use Apache Mod Rewrite and check that the user has
> the referrer of the
> download server. I'm assuming that he will only have this if he had
> access to a link to the
> file from the server it's self and such a link will only be provided to
> members. As far as i can
> think, you can only fake a referrer by writing your own client.
I would discourage this for the fact that the referer can easily be
faked. If you downloads are important to the general public and
word gets out that the referer is your security.. say good bye to
your bandwidth :)
>
> If anyone has any ideas or comments I'll be very happy to get them.
HTH,
Curt
--
"I used to think I was indecisive, but now I'm not so sure."
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
