My site interacts with the PayPal Digital Goods API which on completion redirects back

Question

0

Asked: May 27, 20262026-05-27T02:48:02+00:00 2026-05-27T02:48:02+00:00

My site interacts with the PayPal Digital Goods API which on completion redirects back

0

My site interacts with the PayPal Digital Goods API which on completion redirects back to my PHP script which then allows the download.

I would like to know the best way to protect the directory containing digital goods which is outside of the web root.

At the moment I am protecting the directories by removing all permissions. When the download script is called the permissions of the directory containing the digital good are changed to allow the download then removed again. Below is a shorthand version of what’s happening in the script.

chmod('/digital/goods/directory/file', 0777);
readfile(file);
chmod('/digital/goods/directory/file', 0000);

I’am sure this cant be the right way to do this. Could you use htaccess without the user having to enter the user and password? Any pointers would be appreciated.

Report

Leave an answer
Cancel reply

You must login to add an answer.

Need An Account,

1 Answer

Editorial Team · Answer 1 · 2026-05-27T02:48:03+00:00

Editorial Team

2026-05-27T02:48:03+00:00Added an answer on May 27, 2026 at 2:48 am

Ensure the files aren’t being served directly. In Apache, you would keep them out of the DocumentRoot.

Then, the permissions shouldn’t matter, since there is simply no URL that maps to them.

0

Reply
Share
Share

- Report

Sign Up

Sign In

Forgot Password

The Archive Base Latest Questions

My site interacts with the PayPal Digital Goods API which on completion redirects back

Leave an answerCancel reply

1 Answer

Leave an answer
Cancel reply