go ahead... be a heretic | |
PerlMonks |
Re: Serving files without revealing their locationby Trimbach (Curate) |
on Jan 29, 2001 at 09:18 UTC ( [id://54948]=note: print w/replies, xml ) | Need Help?? |
As has been stated by a couple of people already, you can easily set up a cgi that takes an id #, looks up the number, and then serves up the appropriate file. "Anti-leech" techniques aside, there is a feasible, practical way to serve files without revealing their location if you need to: it's called "passwords" and "encryption."
I setup a secure order form for a client once. It was all very basic, collecting order information and credit card numbers via an SSL form. The client, however, needed an easy and secure way to get to the order info, so I set him up with a password-protected CGI accessed through SSL that took him to an admin tool that let him view or download any of the orders he wanted. The trick here is for extra security none of the order files (it was all a flat-file affair) were stored in web-accessible directories... a web browser couldn't even point to the files if it wanted to, but my CGI could read them in and spit them out just fine, and because it was encrypted and password protected it was (reasonably) secure. It's easy to take a similar approach to any situation that requires restricted access to files. Want to let someone download something only one time? Give them a password and set your CGI to only let that password in 1x. Want to give someone access to a file that you can revoke at anytime? Piece of cake. There ARE reasons for doing such things; the exact solution you pick will depend on what you're ultimately trying to accomplish. Gary Blackburn
In Section
Seekers of Perl Wisdom
|
|