Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Chriss Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Selling Files: Keeping the File Location Secret

Status
Not open for further replies.
RustyMason

RustyMason

Programmer
Joined
Dec 14, 2000
Messages
4
Location
US
I have a site that I want to sell files (.pdf, .doc, etc.) from. All of the solutions I've tried so far expose the file's URL. But, I want to hide the actual location of the files to keep non-paying customers from accessing them. I could make a temporary file for the paying user, and put it in his directory, but that seems like too much work. How can I do this on my site using Perl?

Thank you,
Rusty
 
Sort by date Sort by votes
You can use a cloaking script, which is called with a set of arguments, which can firstly verify the user can download the file, together with the name of the file. Such as

/cgi-bin/cloak.cgi?user=someone&file=hidden.pdf

The hidden.pdf file can then be stored in any directory you like and only the cgi script will know it.

To add security, as some CGI directories, if not set correctly, can allow unscrupulous users to read the cgi code, you can store a config file in another directory which cannot be seen by the outside world, and use that to hold the name of the directory where hidden files are.

As an example, on one of my sites I have the following top level directories:

/cgi-bin
/conf
/download
/html

The scripts are all in /cgi-bin, and standard html are in /html, which are the only 2 directories readable via the web server. On load up I read a config file in /conf, which then tells me where inside the /download directory the required file is.

HTH,
Barbie. Leader of Birmingham Perl Mongers
 
Upvote 0 Downvote
Barbie,

Here's what I ended up doing:

#!/usr/bin/perl -w
#
#testpdf.cgi

$real_doc_path = "/usr/users/bclinton/public_html";
$doc = "$real_doc_path/ReadMe.pdf";
print "Content-Type: application/pdf\n\n";
open (IMAGE, $doc);
while (<IMAGE>){
print $_;
};
close (IMAGE);
exit;

Then, when a user is sent to
the pdf doc will display below, and only the URL for the script (testpdf.cgi) will show in the address bar; The real location of the pdf document is hidden inside the script.

I had tried this before posting my question, but it didn't work because I was using the http path instead of the real path to my pdf file. (duh)

Fortunately, I don't have a problem with anyone being able to read my cgi-bin directory or scripts (at least, not that I know!) via browser.

Thank You,
Rusty
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

rob54321
  • Locked
  • Question Question
Perl how to read line from file with interpolation
Replies
6
Views
1K
rob54321
rob54321
Limbomusic
  • Locked
  • Question Question
Perl files getting accessed directly
Replies
0
Views
669
Limbomusic
Limbomusic
newbie1238585
  • Locked
  • Question Question
Perl how to read string in csv file * as wildcard operator
Replies
2
Views
839
mikrom
mikrom
Dino_1000
  • Locked
  • Question Question
Use the perl debugger to dump all the data in a string variable
Replies
0
Views
683
Dino_1000
Dino_1000
Anurag Sinha
  • Locked
  • Question Question
calling perl script on click of the button
Replies
0
Views
486
Anurag Sinha
Anurag Sinha

Part and Inventory Search

Sponsor

Back
Top