Menu
i am developing website there some files which are placed in folder and also provided the links of those files for user so that they can download those files, i am just allowing authenticated user not all but as if there is any user who know the link of file directly put it in address bar and get that file, can anyone tell me that how i can make sure that the file downloaded only by the authenticated user not all users.
625
You don't want to provide links to the actual files. Your best bet is to store the files in a non-web accessible location, or set permissions on the folder so that it is only accessible to your application, not anonymous users.
You can maintain a list of user specific files in a user_files table in your database, and then link to a download script which defines the filename as a variable, and delivers the user file as an octet stream.
string _fileName;
string _path = /*some user specific path*/ + "FileDir/" + name;
System.IO.FileInfo _file = new System.IO.FileInfo(_path);
if (_file.Exists)
{
Response.Clear();
Response.AddHeader("Content-Disposition", "attachment; filename=" + _file.Name);
Response.AddHeader("Content-Length", _file.Length.ToString());
Response.ContentType = "application/octet-stream";
Response.WriteFile(_file.FullName);
Response.End();
}
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
