Home/ Questions/Q 7707557
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-01T00:23:27+00:00

If i have items stored in a database that users can download after they

  • 0

If i have items stored in a database that users can download after they purchase, how can I provide a link that is different on a per user basis?

I was thinking, would the correct thing to do be: give them a link that is hashed in some way based on their user id for example.Then, when i process the link i have given them i just reverse the hash function to get the original link. Is this the correct way of doing things?

If this is not the correct approach could someone please point me in the right direction?

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    Hash functions are not meant to be reversed. I would suggest to read about lighttpd mod_secdownload implementation

    It gives you a protected link, valid for a certain amount of time. Because a hash cannot be reversed, you need to pass a hash of your information along with the clear text information (if possible) in the link. Ex:

    http://somesite.com/download.php?hash=<md5($secretkey.$userId.$documentId)>&usrId=<$userId>&documentId=<$documentId>

    When you receive a request to download, process the has, compare it to the given one, if it’s equal then you consider it verified.

    • 0