Pay-per-download : how to prevent downloading ?

Next topic

Author	Message
Pascal France	Friday 18 March 2011 11:25:03 am Hi, I'm using the pay-per-download extension (eZP 4.3 on a shared host) and once the user payed his products (PDFs) the system displays a summary of the purchases. In this summary there are links pointing to the PDFs; the form of these links is: http://mysite.fr/content/download/4877/23065 The probleme is that this link works even if one is not logged in. So it can be shared without limit. Is there a workaround ? Pascal Ce qui embellit le désert c'est qu'il cache un puits... quelque part... (A. de Saint-Exupéry) - http://luxpopuli.fr/eZ-Publish
Peter Keung	Friday 18 March 2011 4:14:58 pm content/download links should respect eZ Publish permissions. Have you tested those links in a separate browser or after closing and re-opening the browser? It is likely the browser cache that is letting you download the file even after logging out. http://www.mugo.ca Mugo Web, eZ Partner in Vancouver, Canada
Pascal France	Friday 18 March 2011 4:42:40 pm Hi Peter, Thinks for your reply. I'm stupid ! I gave the anonymous role the rights to read my PDFs........ Now all works as expected. Pascal Ce qui embellit le désert c'est qu'il cache un puits... quelque part... (A. de Saint-Exupéry) - http://luxpopuli.fr/eZ-Publish

Author

Message

Friday 18 March 2011 11:25:03 am

Hi,

I'm using the pay-per-download extension (eZP 4.3 on a shared host) and once the user payed his products (PDFs) the system displays a summary of the purchases.

In this summary there are links pointing to the PDFs; the form of these links is: http://mysite.fr/content/download/4877/23065

The probleme is that this link works even if one is not logged in. So it can be shared without limit.

Is there a workaround ?

Pascal

Ce qui embellit le désert c'est qu'il cache un puits... quelque part... (A. de Saint-Exupéry) - http://luxpopuli.fr/eZ-Publish

Peter Keung

Friday 18 March 2011 4:14:58 pm

content/download links should respect eZ Publish permissions. Have you tested those links in a separate browser or after closing and re-opening the browser? It is likely the browser cache that is letting you download the file even after logging out.

http://www.mugo.ca
Mugo Web, eZ Partner in Vancouver, Canada

Pascal France

Friday 18 March 2011 4:42:40 pm

Hi Peter,

Thinks for your reply.

I'm stupid ! I gave the anonymous role the rights to read my PDFs........

Now all works as expected.

Pascal

Ce qui embellit le désert c'est qu'il cache un puits... quelque part... (A. de Saint-Exupéry) - http://luxpopuli.fr/eZ-Publish

eZ debug

Timing:	Jan 18 2025 02:07:16
Script start
Timing:	Jan 18 2025 02:07:16
Module start 'layout'
Timing:	Jan 18 2025 02:07:16
Module start 'content'
Timing:	Jan 18 2025 02:07:16
Module end 'content'
Timing:	Jan 18 2025 02:07:16
Script end

Main resources:

Total runtime	0.6002 sec
Peak memory usage	4,096.0000 KB
Database Queries	57

Timing points:

Checkpoint	Start (sec)	Duration (sec)	Memory at start (KB)	Memory used (KB)
Script start	0.0000	0.0050	588.1641	152.6563
Module start 'layout'	0.0050	0.0025	740.8203	39.5156
Module start 'content'	0.0075	0.5908	780.3359	531.7813
Module end 'content'	0.5983	0.0019	1,312.1172	12.2656
Script end	0.6002		1,324.3828

Time accumulators:

Accumulator	Duration (sec)	Duration (%)	Count	Average (sec)
Ini load
Load cache	0.0030	0.4936	16	0.0002
Check MTime	0.0012	0.2080	16	0.0001
Mysql Total
Database connection	0.0008	0.1273	1	0.0008
Mysqli_queries	0.5552	92.4914	57	0.0097
Looping result	0.0005	0.0804	55	0.0000
Template Total	0.5749	95.8	2	0.2874
Template load	0.0018	0.2949	2	0.0009
Template processing	0.5731	95.4803	2	0.2866
Template load and register function	0.0002	0.0293	1	0.0002
states
state_id_array	0.0007	0.1179	1	0.0007
state_identifier_array	0.0012	0.2059	2	0.0006
Override
Cache load	0.0014	0.2280	18	0.0001
Sytem overhead
Fetch class attribute can translate value	0.0005	0.0883	2	0.0003
Fetch class attribute name	0.0028	0.4653	4	0.0007
XML
Image XML parsing	0.0007	0.1246	2	0.0004
class_abstraction
Instantiating content class attribute	0.0000	0.0017	4	0.0000
General
dbfile	0.0013	0.2085	17	0.0001
String conversion	0.0000	0.0012	4	0.0000
Note: percentages do not add up to 100% because some accumulators overlap

Templates used to render the page:

Usage	Requested template	Template	Template loaded
1	node/view/full.tpl	full/forum_topic.tpl	extension/sevenx/design/simple/override/templates/full/forum_topic.tpl
3	content/datatype/view/ezxmltext.tpl	<No override>	extension/community_design/design/suncana/templates/content/datatype/view/ezxmltext.tpl
3	content/datatype/view/ezxmltags/paragraph.tpl	<No override>	extension/ezwebin/design/ezwebin/templates/content/datatype/view/ezxmltags/paragraph.tpl
1	content/datatype/view/ezimage.tpl	<No override>	extension/sevenx/design/simple/templates/content/datatype/view/ezimage.tpl
1	print_pagelayout.tpl	<No override>	extension/community/design/community/templates/print_pagelayout.tpl
Number of times templates used: 9 Number of unique templates used: 5

Time used to render debug report: 0.0001 secs