PHPhulp.nl
35k+ leden Over PHPhulp Offerte opdracht Contact
Scripts

Beveiligde downloads

Door John Doe -23-01-2009 00:00 -10.222 views

Met dit scipt kan je een download beveiligen. Voer in register.html de filename en het wachtwoord in klik op register Je krijgt een ID en je had al een password ingevoerd. Mail het ID en password naar iemand. Die persoon kan inloggen bij inloggen. Als hij inlogt krijgt hij het downloadscherm te zien en kan hij de file downloaden. LET OP!!! Zorg dat je files een map files staan. Dit is mijn eerste php-script dus reacties en/of verbetering zijn welkom LolzzzMan

Download alle bestanden als ZIP
beveiligde-downloads
MySQL code(execute deze...)

[code]DROP TABLE IF EXISTS `login`.`users`;
CREATE TABLE  `login`.`users` (
  `downloadID` int(25) NOT NULL auto_increment,
  `ID` varchar(500) NOT NULL,
  `password` varchar(500) NOT NULL,
  PRIMARY KEY  USING BTREE (`downloadID`),
  UNIQUE KEY `username` USING BTREE (`ID`)
) ENGINE=MyISAM AUTO_INCREMENT=1 DEFAULT CHARSET=latin1 COMMENT='Members';[/code]

Register.html

[code]<html>
<head>
<TITLE>Register</TITLE>
</head>
<body>
<form name="login" method="post" action="register.php">
<table border="0" width="225" align="center">
        <tr>
        <td width="219">
            <table border="0" width="282" align="center">
                                   <tr>
                    <td width="116"><span style="font-size:10pt;">Filename:</span></td>
                    <td width="156"><input type="text" name="link"></td>
                </tr>
                <tr>
                    <td width="116"><span style="font-size:10pt;">Password:</span></td>
                    <td width="156"><input type="password" name="password"></td>
                </tr>
                <tr>
                    <td width="116">&nbsp;</td>
                        <td width="156">
                            <p align="right"><input type="submit" name="submit" value="Registreer"></p>
                        </td>
                </tr>
            </table>
        </td>
    </tr>
   </table>
</form>
</body>
</html>[/code]

login.html

[code]<form name="login" method="post" action="login.php">
<table border="0" width="225" align="center">
    <tr>
        <td width="219" bgcolor="#999999">
            <p align="center"><font color="white"><span style="font-size:12pt;"><b>Login</b></span></font></p>
        </td>
    </tr>
    <tr>
        <td width="219">
            <table border="0" width="220" align="center">
                <tr>
                    <td width="71"><span style="font-size:10pt;">ID:</span></td>
                    <td width="139"><input type="text" name="ID"></td>
                </tr>
                <tr>
                    <td width="71"><span style="font-size:10pt;">Password:</span></td>
                    <td width="139"><input type="password" name="password"></td>
                </tr>
                <tr>
                    <td width="71">&nbsp;</td>
                        <td width="139">
                            <p align="right"><input type="submit" name="submit" value="Submit"></p>
                        </td>
                </tr>
</table>
</form>[/code]

register.php

<?PHP
Session_start();
//Database Information

$dbhost = "localhost";
$dbname = "login";
$dbuser = "root";
$dbpass = "";

//Connect to database

mysql_connect ( $dbhost, $dbuser, $dbpass)or die("Could not connect: ".mysql_error());
mysql_select_db($dbname) or die(mysql_error());

$link = $_POST['link'];
$ID1 = "files/" . $link . "";
$ID = base64_encode($ID1);
$password = base64_encode(sha1(base64_encode(md5($_POST['password']))));


// lf no errors present with the ID
// use a query to insert the data into the database.

$query = "INSERT INTO users (ID, password)
VALUES('$ID', '$password')";
mysql_query($query) or die(mysql_error());
mysql_close();

echo "Registered succesfull ID = $ID";

?>

login.php

<?php
session_start();
$dbhost = "localhost";
$dbname = "login";
$dbuser = "root";
$dbpass = "";

//Connect to database

mysql_connect ( $dbhost, $dbuser, $dbpass)or die("Could not connect: ".mysql_error());
mysql_select_db($dbname) or die(mysql_error());


$ID = $_POST['ID'];
$location = base64_decode($_POST['ID']);
$password = base64_encode(sha1(base64_encode(md5($_POST['password']))));
$query = "select * from users where ID='$ID' and password='$password'";
$result = mysql_query($query);

if (mysql_num_rows($result) != 1) {
$error = "Bad Login";
    header('Location: login.html');

} else {
    $_SESSION['ID'] = "$ID";
if (file_exists($location)) {
    header('Content-Description: File Transfer');
    header('Content-Type: application/octet-stream');
    header('Content-Disposition: attachment; filename='.basename($location));
    header('Content-Transfer-Encoding: binary');
    header('Expires: 0');
    header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
    header('Pragma: public');
    header('Content-Length: ' . filesize($location));
    ob_clean();
    flush();
    readfile($location);
    exit;
}
}


?>

Reacties

0
Nog geen reacties.