Hi,

One of my clients wants to offer downloads to their customers. However, they don't want people to be able to just cut and paste a link in the address bar and download the files directly (as they want only their customers downloading files and not any random person).

So I'm assuming there must be some way of creating secure downloads that doesn't actually offer an actual link for the downloads!

I was just wondering if someone could point me in the right direction to what I need to learn or any other advice (security issues, etc) in order for me to create this for my client.

I will be using SQL and ASP

Thanks in advance

Phil

first thing you need is some code in a page that will send a file while masking the actual location of the file. you can do this using an adodb.stream object and writing this directly to the response. or by using a component such as aspupload.

next thing is when to let the page send it. you can make this as complicated as you like obviously. if it's just a case of being logged in then it's easy (a session variable will do), otherwise you're going to need to start storing permissions somehow, perhaps a structure in the filesystem or something in a database.

hope that gets you started.

Thanks for the tips.

I think you've managed to give me enough to get started on.

I daresay that once I've had a play round with it for a few days I'll be back here pulling my hair out and asking for help :D