Hiding direct links?

Discussion in 'Web Design & Coding' started by ezfilehosting.com, Jul 7, 2005.

  1. ezfilehosting.com

    ezfilehosting.com OSNN One Post Wonder

    Messages:
    3
    Is there away for me to hide my links? ok.. I have an file management and I would like to hide location of the files. If you guys upload a text.txt
    you would get http://www.ezfilehosting.com/files/text.txt , I would like to know if I can hide it and how.. Thanks for your help :)
     
  2. Electronic Punk

    Electronic Punk Administrator Staff Member Political User Folding Team

    Messages:
    18,590
    Location:
    Copenhagen, Denmark
  3. ezfilehosting.com

    ezfilehosting.com OSNN One Post Wonder

    Messages:
    3
    yes, how would I do that? I looked around found anti-leech wasn't much help because you must place like hotlinking protection... I just want to hide my directory so no one can snoope around. anyway I can do this?
     
  4. albybum

    albybum Penguin Rancher

    Messages:
    280
    Location:
    Elizabethton, TN
    This is a stripped down form of the download script I made to control downloads on my site.

    PHP:
    <?php
    // ###############################################
    // Filename: getFile.php
    // Author: Albert Holtsclaw, www.albybum.net
    // Email: albybum@albybum.net
    // ###############################################
    // Installation and use:
    //    Copy this script to a text file with the .php extension
    //    getFile.php for example.
    //
    //    Modify the example case section to fit your file information.
    //    A new case will need to be created for each file.
    //
    //    Link to the script with the id of the file you want to download.
    //    getFile.php?id=Some_ID
    //    http://www.albybum.net/download/getFile.php?id=wow1.4
    // ###############################################


    // Functions
    function showError($error)
    {
                 print 
    "There has been an error. <br />";
                 print 
    "Error Code: ".$error;
        return 
    true;
    }

    // ERROR Lists
    // 2021 bandwidth exceeded
    // 404 not found

    // Set Defaults
    $error="404";
    $allow=false;

    // Retrieve the file id from input 
    $id=$_GET['id'];

        
    // Switch, Case block
        
    switch  ($id)
         {


               
    // :: EXAMPLE CASE
           // ###########  THE_ART_OF_SHADOWBLADERY  ###########
           
    case "201":
                    
    // File Mime Type
               
    $type 'video/x-ms-wmv';
            
    // File Name
               
    $filename 'THE_ART_OF_SHADOWBLADERY.wmv';
            
    // Path to file, relative to this script
               
    $path 'store/THE_ART_OF_SHADOWBLADERY.wmv';
            
    // Whether to allow this download, set false to stop download
                       
    $allow=true;
            break;    

           
    // :: TODO - modify this case to fit your file information
               // :: EMPTY CASE
           // ########### SOME FILENAME COMMENT ###########
           
    case "SOME_UNIQUE_ID":
            
    $type 'application/zip';
            
    $filename 'SOME_FILE.zip';
            
    $path 'downloads/store/SOME_FILE.zip';
                    
    $allow=true;
            break;



           
    // :: Default case if nothing matches the ID
           // ###########  DEFAULT  ###########
           
    default:    
            
    $error="404";
            break;

        }



    // IF Allow has been set through a file case, allow download.
    if ($allow==true)
    {
        
    header("Content-Type: $type");
        
    header("Content-Disposition: attachment; filename=$filename");
        
    readfile($path);
    }
    else
    {        
        
    showError($error);
    }


    ?>

    You would need to create a case and provide a unique id, the path, filename, and mime type for each download.

    You could then access the file by a url formed like,
    http://www.albybum.net/download/getFile.php?id=201

    I store all my downloads in http://www.albybum.net/download/store

    The "store" directory is locked/restricted so only my script can serve the files to users. This also allows more control of who and how many can download your script with a little extra code.
     
    Last edited: Jul 8, 2005
    ezfilehosting.com likes this.
  5. albybum

    albybum Penguin Rancher

    Messages:
    280
    Location:
    Elizabethton, TN
    Updated script with comments.
     
  6. Admiral Michael

    Admiral Michael Michaelsoft Systems CEO Folding Team

    could this easily be converted to ASP? and is there a way to hide the source line of embedded audio?
     
  7. LordOfLA

    LordOfLA Godlike!

    Messages:
    7,027
    Location:
    Maidenhead, Berkshire, UK
    yes it could (I'm looking into asp.net 2 myself).

    Microsoft has a ton of resource on converting from php to asp.net :)

    not sure about hiding a html value though..
     
  8. Howling Wolf

    Howling Wolf We did not deserve this !

    Messages:
    1,243
    Location:
    Amongst the Native Ones
    Why don't you just put an empty index.html in the folder you want to protect ? It is simple and if somebody doesn't know the exact file name he won't be able to access it, am I wrong ?
     
  9. albybum

    albybum Penguin Rancher

    Messages:
    280
    Location:
    Elizabethton, TN
    For Apache, you can also do this:

    Indexes
    Sometimes, when you request a directory with no index file (index.php, default.asp etc.), you will instead see a directory listing of all the public files in the current directory. For a lot of people, this can be a nuisance and they'd rather remove the ability of users to view these directory listings. To do this, simply insert the following line in your .htaccess file:


    Options -Indexes

    This will remove the directory listing option for all directories in and below the one in which the .htaccess file is placed. If someone requests a directory that does not contain any index files (which would be displayed by default), then a 403 error code will be sent to the browser and either a custom error document or a standard one for your server will be displayed.

    If you want to enable directory listings for some directories on your server, just create a .htaccess file in those directories and place in it the line:


    Options +Indexes

    This works in exactly the same way as disabling indexes, except it will enable them instead. If directory listings are already enabled, either through a .htaccess file higher up in the directory structure or in the httpd.conf file, then this setting will have no effect.

    http://www.rixort.com/tutorials/apache-htaccess.php


    But with a download script and a protected folder, you have true power over the path and access to your downloads.
     
  10. Admiral Michael

    Admiral Michael Michaelsoft Systems CEO Folding Team

    Im interested in this, can it be down with IIS?
     
  11. albybum

    albybum Penguin Rancher

    Messages:
    280
    Location:
    Elizabethton, TN
    I only have one server with IIS and it is running and intranet invoice system with access and asp. I haven't tried, to be honest.

    In theory it should work just fine. If you password protect a folder that should only apply to users connecting that need authentication. PHP [Or ASP for that matter] should have normal directory access as a local restricted user. It should be able to read and serve the file just fine.

    I would have to defer that to someone who has more experience with IIS.
     
    Last edited: Jul 8, 2005