0
I am with a difficulty, I made a system that releases file download for each specific user, this verification is done by the logged user code and filters month and year that the user fills, so necessarily the person has to be logged in to generate this link, but once the person downloads anyone can using this link download the file again and that’s what I didn’t want, I’d like that link to be hidden, there’s some way to do it?
<?php
$pasta = '/arquivos';
$arquivos = "$user->cod_func".' '.utf8_decode($_POST['select_mes']).' de '.$_POST['select_ano'].'.pdf';
$filename = 'arquivos/'.$arquivos;
if (file_exists($filename)) {
?>
Download do Arquivo: <a href="?action=download&file=<?php echo base64_encode("$pasta/$arquivos"); ?>"><?php echo $_POST['select_mes'].' '.$_POST['select_ano']; ?></a>
<br>
Vizualizar: <a href="?action=embed&file=<?php echo base64_encode("$pasta/$arquivos"); ?>"><?php echo $_POST['select_mes'].' '.$_POST['select_ano']; ?></a>
<br>
<?php
} else {
echo "Não existe holerith no mês selecionado";
}
?>
You can do the same validation on the download page, only releasing the download case all right. And it would be good not to pass the file path, use some code to identify.
– Augusto
Exactly what I want to mask this address at the time of downloading, the user validation is done by joomla ai in PHP I only get the session, but even validating it around only restricts if I access php direct if I access the generated link it still downloads the file
– Rogerio Santana