PHP - Is It Possible To Encrypt A Download Link Using Php?

Hey guys,
I'm going to start working on a simple php/mysql project, and wondering if you guys could point me in the right direction. Here is what I want to do:

1. User is presented with a simple form asking a series of questions (including email address)
2. Based on the answers, a specific download link is emailed to the user
3. store all inputted information in the database.

I'm still not sure if I want the email process to be automated, or "held" until the information is reviewed, then download link sent.

Does anyone know if a script already exist for this? I don't need to create user accounts, I just want to obtain user information every time they want to download something.

Thanks for any help.

So I am trying to download an image created with my php script.  I use the following for the download:

Code: [Select]
<?php
session_start();
$filename = $_SESSION['imgOut'];

header('Content-type: application/octet-stream');
header('Content-Disposition: attachment; filename='.$filename );

?>
The file downloads however instead of downloading  "example.jpg" from the /temp folder , it downloads "temp_example.jpg"  which of course is an empty file.

I am sure I am approaching this the wrong way, any suggestions?

Hi

I allow users to log in, they are redirected to a page and in the url their account ID is carried e.g. accountid=2.  Obviously they could alter the number and potentially see other members details.  What is the best way to hide this information?


Thanks

Basically I would like to place a link on my website and have the user download a file, but rather than just right clicking and choosing save target as, the link must be clicked, on the next page the file is fetched and then the client can download the file. How would I go about setting this up please?

When the download appears the link that is produced doesn't show the actual download either, so users can't leech of it.

Thanks

Hi, I want to send a URL to a user with their name in it: index.php?user=tom

how can I encrypt this name so that I can track what they do but if I was hacked nobody else could determine who the user was?

Thanks

Is there an alternative way to encode url params besides:
base64_encode()

examples would be great.

Hi all
I wonder if somebody could give me some guidance on this.

I manage a website programmed in PHP and having MySQL backend. Recently some of my clients raised concerns about the security of their data. It is not credit card information or so, however I would like to sort it out.

I have a button on the web site which the clients click to tell me that their data should now be analysed and a report sent to them. My php program pulls out the records for this particular user and writes them into an excel file on my web space(on a shared hosting). The same php program then attaches this excel file to an email and sent it to me.

I want to make sure that this data in the excel file is securely transmitted during the above process.

Any help would be much appreciated.

Carol

Hi, for my php program running in command line (windows cmd), the user must login first, so my ques is how can they enter the password as *****
when they are typing for example?

all help appreciated.

Hello!

I've got an issue! I'm trying to pass a very very long variable from JS to PHP through $_GET, but it seems too long for get.

Is there any encryption function that works on both JS and PHP, so I can encrypt it in JS, send it though GET and decrypt it in PHP?

Thanks !

Hey guys!
I have a doubt and this is a question that relates Flash and PHP...

I have a flash (swf) file that grabs/sends variables from/to php.
That swf file is FULLY encrypted and the paths to the PHP urls are also encrypted.

Is there any other way a hacker could find out where and which my PHP files are located/named?

Any ideas, suggestions?
Thanks in advance!
Cheers,

This is my code it's not working.

$username = $_POST['username'];


        $password = $_POST['password'];
        $encrypt_password = md5($password);

        $email = $_POST['email'];


        $usrsql = "SELECT * FROM $tbl_name WHERE username='$username' AND password='$encrypt_password'";

//--> Below is the INSERT Code

$query = "INSERT INTO `x_users` (username, password, email) VALUES ('$username', '$encrypt_password', '$email')";

        $result = mysql_query($query);

        if($result == 1) {

            print("Thank you, your accout has been created!");
        }

Can anyone tell me why the md5() function is not working?
Edited by Tom8001, 28 November 2014 - 07:49 PM.

Hi.

I have made a login script, but I would wan't to encrypt the password.
I followed a tutorial and got this:
login.php
<?php
$password = "secret";

echo $password;
/* displays secret */

$password = sha1($password);

echo $password; 
/* displays e5e9fa1ba31ecd1ae84f75caaa474f3a663f05f4 */
?>
<form action="validate.php" method="post">
  <label for="username">Username</label>
  <input type="text" name="username" id="username" />
  <br />
  <label for="password">Password</label>
  <input type="password" name="password" id="password" />
  <br />
  <input type="submit" name="submit" value="Submit" />
</form>
<?php
?>

validate.php

<?php
include "setup.php";

/* get the incoming ID and password hash */
$username=$_POST['username'];
$password=$_POST['password']; 
$password=md5($password); // Encrypted Password

/* establish a connection with the database */
$server = mysql_connect("$db_host", "$db_username","$db_password");
if (!$server) die(mysql_error());
mysql_select_db("$database");

  
/* SQL statement to query the database */
$query = "SELECT * FROM users WHERE Username = '$username' AND Password = '$password'";

/* query the database */
$result = mysql_query($query);

/* Allow access if a matching record was found, else deny access. */
if (mysql_fetch_row($result))
  echo "Access Granted: Welcome, $username!";
else
  echo "Access Denied: Invalid Credentials.";

mysql_close($server);  
?>

Its the line $password=md5($password); // Encrypted Password
that messes everything up.
If I delete it and login, everything is fine, if I add it it says Code: [Select]
Access Denied: Invalid Credentials
I need help with this one!
And if someone have time, give me some ideas how to make PHP scripts safer!

Regards
Worqy

I am currently recoding a website from ASP to PHP.

The aim is for a customer to add items to a cart, fill in their credit card details.
Then an email is encrypted (on the secure website) and sent to the client.

The client then opens the email on her PC and it is decoded either when she opens the e-mail, or downloads an attachment that can be opened by a program
that requires a password. Once entered the order is revealed, the e-mail is decrypted.

I just wondered if anyone has any link to sites where I can download the de-crypting software to install on the clients machine.

Or any other ideas on sending an encrypting email and decrypting on the recipients computer.

Many thanks.

Hello everyone... I am developing a software as a service program for use by multiple companies, each would have their own instance of the application... The part that I am not really to clear on, is what would be the most secure, with low latency, PHP method of encrypting/decrypting data to and from the database... all data is sent over SSL... I would also want to use a unique key for each company... Access to the program itself is protected from the outside by a user based log in system...

How can I encrypt POST data from a form? Basically, I want to ensure that the data on the form is not in plain text ever. Is this possible?

<form method="post">
<input type="text" name="email" size="40">
<input type="password" name="password"/>
...


Basically, when this posts, I want to do a foreach on $_POST and see something like:
password = 1f3870be274f6c49b3e31a0c6728957f
  and not
password = stringTheUserTyped

I hope what I'm asking for is clear.
(PHP 5.2.14)

Thanks!