This hack is so-called safe-download-links hack for My-Downloads native module of XOOPS. Let me explain, how it works.

Let's suppose, you have download section on your site, that is available to certain users only. And, there is a bad guy, who wants to share your files with everyone on the net. How can this guy share your files with everybody, if he doesn't want to share his login and pass, doesn't want to upload all files to anywhere and likes to keep his secrecy? He simply clicks on link and looks, where xoops will redirect him. visit.php script makes increment of the download counter and then redirects him to actual file link, you entered, when created download. Xoops redirects him to and bad guy gives this links to all who wants to take it.

How to protect from this? You can protect this 'myhiddenxoopsdownloads' directory with .htaccess and .htpasswd files, but this will require al registered users enter their login and pass twice: once logging in to xoops downloads section and tghe next one when they will click on every link.

Let me suggest another solution. I developped hack for My-Downloads that never gives your user direct link to file. User can download file only throught visit.php script, which does all permission checking etc.

It also allows you to place 'myhiddenxoopsdownloads' folder anywhere on your home directory. Preferably in the place, that is not accessable by web-server. Only visit.php script should have permissions to read files in this secret directory. All download process is done inside visit.php script.



System Requirements:

Other files by: FractalizeR

SynHighlight Hack (2005/02/02)
XHLD - Russian (2005/01/27)

The comments are owned by the author. We aren't responsible for their content.


Top Module Downloads

Who's Online

78 user(s) are online (2 user(s) are browsing Module Repository)

Members: 0

Guests: 78



Goal: $100.00
Due Date: Feb 28
Gross Amount: $0.00
Net Balance: $0.00
Left to go: $100.00
Make donations with PayPal!