How to prevent users to download more than one file at time?
Hello,
As I would like to save some ram and bandwidth, I'm looking for a script that could prevent users to download more than one file at time on my website.
As I would like to save some ram and bandwidth, I'm looking for a script that could prevent users to download more than one file at time on my website.
Does anybody knows one?
Thanks,
Vince
A few lines of code in Perl can do this. Are you looking for a Perl-based solution or PHP? I like Perl myself for better control and security.
Here are a few good measures. First, make the directory non-browsable by placing an index.html file in it. I use either a re-direct back to my home page when they hit the directory, or print a page like this one.
Here's the code. (Very simple HTML file), just remember to save it as index.html
Code:
<html>
<head>
<title>Directory Browsing Disabled</title>
</head>
<body>
<h1>Directory Browsing Disabled</h1>
<p>Directory browsing has been disabled by the user.</p>
</body>
</html>
If you have any links to your downloads, remove them and use an app to control what they download. I make my users select the download from a form and let the app manage the download.
Here. This is the form. I call mine download.html. I also require them to use an email address to prevent automated downloads.
And here is the cgi file called dl.cgi. Make sure to place it in the right directory and chmod 755.
Code:
#!/usr/bin/perl
print "Content-type:text/html\n\n";
read(STDIN, $buffer, $ENV{'CONTENT_LENGTH'});
@pairs = split(/&/, $buffer);
foreach $pair (@pairs) {
($name, $value) = split(/=/, $pair);
$value =~ tr/+/ /;
$value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
$FORM{$name} = $value;
}
if ($FORM{'package'} eq "item1") {
$order = "filename";
}
if ($FORM{'package'} eq "item2") {
$order = "filename";
}
if ($FORM{'package'} eq "item3") {
$order = "filename";
}
# if selection is noselect, then die nice
if ($FORM{'package'} eq "noselect") {
&dienice("You didn't select a file to download. Hit back in your browser and select a file.")
}
# if selection is blank, then die nice
if ($FORM{'package'} eq "") {
&dienice("You didn't select a file to download. Hit back in your browser and select a file.")
}
# Untaint email string to make sure it's a valid email address or not blank.
if ($FORM{'email'} !~ /[\w\-]+\@[\w\-]+\.[\w\-]+/) {
&dienice("You did not enter a valid email address.");
} else {
print <<EndHead;
<html><head><title></title>
<meta http-equiv="Refresh" content="3; URL=http://www.url.com/dl/$order">
</head>
<body>
EndHead
# This is optional. This will let you know when someone downloads a file.
# begin mail subroutine
$mailprog = '/usr/sbin/sendmail';
$recipient = 'your@email.com';
open (MAIL, "|$mailprog -t") or &dienice("Can't access $mailprog!\n");
print MAIL "To: $recipient\n";
print MAIL "From: $FORM{'email'}\n";
print MAIL "Reply-to: $FORM{'email'}\n";
print MAIL "Subject: $FORM{'package'} Download\n\n";
print MAIL <<EndHTML;
Email: $FORM{'email'}
Package: $FORM{'package'}
EndHTML
close(MAIL);
# End mail subroutine
# now print something to the HTML page, usually thanking the person
# for filling out the form, and giving them a link back to your homepage
print <<EndHTML;
<h2>Thank You!</h2>
<p style="font-size: 10pt">Thank you! Your download should begin shortly. If it does not, <a href="#" onclick="window.location='http://www.url.com/dl/$order'" style="font-size: 10pt">click here</a> to download the file manually.
</p>
</body></html>
EndHTML
}
sub dienice {
($errmsg) = @_;
print "<h2>Error</h2>\n";
print "$errmsg<p>\n";
print "</body></html>\n";
exit;
}
You can add as many items as you want in the html file just by adding another option field. <option value="item4">Item 4</option>.
Just remember to add the respective handle for it in the cgi file.
if ($FORM{'package'} eq "item4") {
$order = "filename";
}
filename will be the name of the actual file, item.zip, etc.
One last thing. Make sure the file is in your directory otherwise your user will get an error.
The url http://www.url.com/dl/$order must be the url where your file is located, so if you have a file located in the http://www.wemakewidgets.com/download/ directory, your string will look like this:
http://www.wemakewidgets.com/download/$order
The $order is the file name.
Thirdly, you might consider putting a robots.txt file in your root directory of your site, (where your home page is), to help stop search engines from indexing your file.
The directory you disallow is relative, so you don't need the full url.
So now you have no links to your files, you must enter a valid email address to download a file, you can only download 1 file at a time, your download directory is not world readable, and most search engines won't crawl your download directory or download.html file.
And to top it off the download page is set to expire and use pragma to stop it from being cached and require the client to get it fresh from the server every time.
Hmm. One more thing... You will be notified via email when someone downloads. If you want that feature, just put your real email addy in the recipient spot. If you don't want it, delete the mail subroutine.. I've tagged the start and end so it will be easy... just delete between the tags.
A few lines of code in Perl can do this. Are you looking for a Perl-based solution or PHP? I like Perl myself for better control and security.
Thank you too.
To be honest, I'm a newbie in programming, generally I let my web editor do that or take ready-made scripts.
If using a Perl-based solution is not too hard to make, I'd like to give a try.
Linear Mode
