NetTalk Central
NetTalk Web Server => Web Server - Ask For Help => Topic started by: Wolfgang Orth on September 15, 2009, 09:17:45 AM
-
Hello all,
is it possible to have a "virtual URL" to download a file from?
The idea is to offer a download-link, which is not really existing, sort of.
A visitor gets to a form, enters some data like a code or his name or anything alike, then he gets pointed to or gets offered a download-link, which ought to be unique for this moment.
This means, a visitor, of course, could save that URL and pass it to someone else, but it wouldn't work there. Something like www.server.com/YxPpTtGgNnUuEeWw/FILE.ZIP
The other idea is to generate a sessionvariable, like TODAY() & CLOCK(), and passing this as parameter.
And only when the parameter = sessionvariable the download starts.
This would work, but the user still could slip by and type the URL to fetch the ZIP.
Then I found p_web._SendFile( filename, header).
This can be called in a webpage where you need to be logged in, which can be achieved automatically with parameter = sessionvariable. And it works fine, as long as the file that gets sent, is a non-binary file. My ZIP is also handled as non-binary, the screen is spilled over with special characters...
Is p_web._SendFile() the appropriate method at all?
What would be better?
I hope my description was not too clumsy.
PS: p_web._SendFile( filename, header) - if filename is relative, it needs to be relative to the EXE, i.o.w. './web/file.zip'. Just for info if you plan to use it yourself.
-
neat idea.
If you have your form save the filename to send and the 1-time key, the user could have a link given to them like www.server.com/download?q=YxPpTtGgNnUuEeWw/FILE.ZIP
That would pass the key as a parameter to the downloader.
The downloader can look up the key and verify if it had been downloaded before or if they waited too long, etc.
chris
-
sounds like you worked it out but you could of course just create a temp folder using their sessionID, copy the file to that folder and delete the folder and file when the session expires.
I do a similar thing with attachments so they are served up from the username folder rather than a general folder where users could possibly guess existing file names.
-
That's true but you can't send them an email with invoice/instructions with the link so they can get it later. And tell if they actually went to get the file.
I do create sub directories for data uploads and batch imports based on the user name
chris
-
but you could of course just create a temp folder using their sessionID, copy the file to that folder and delete the folder and file when the session expires.
I had this in my mind too, but suspected relics after downloads, but yes, when the session expires (should not before a 50 MB download is done, right) is a good moment to cleanup.
I will weigh this idea again - thx, Kevin!
-
...them like www.server.com/download?q=YxPpTtGgNnUuEeWw/FILE.ZIP
That would pass the key as a parameter to the downloader.
hmm, yes, but this would still require a viable d/l-link on that page, or?
-
I would think that the download page would have a submit button on it and that the passed parameters - the download key would setup the page to download the requested file.
chris