Borrowing from the virtual link methodology, I think we may have a solution that will work even in IIS.
We will use the free junction command line component, or linkd.exe, or one of the others and run it from our ASP page using ASPExec from ServerObjects.com. Will do the same as the unix version of a virtual link.
So, even if this thread did not help the oroginal poster, it helped us out and that is a good thing.
Since the files are deleted after 48 hours, it is not a big deal as the original file paths are not revealed. No system can stop a few rogue people from obtaining files illegally.
The goal of any of these systems should be: - Prevent the direct leeching of files by posting a download link to the file
- Prevent customers from downloading other files using know methods (paths, naming convetions, etc.)
"Hey wait, more fundamental to caring for your clients' stuff; don't use IIS." No comment.
I developed (insert plug here-http://payloadz.com)
We do about 5,000 transactions per month.
Our method is this (note, this is after 5 iterations of delivery systems- all of which had issues):
- When a customer pays, we create a unique copy of the purchased product and place it in a queue directy for download. This unique file is prefixed with the customers transaction ID, so "filename.zip" becomes "a1dys3ad4a-filename.zip"
We then provide a direct link to the file. We also send this direct link in an email to the person.
After 48 hours the file is deleted. after which time, the customer must request more downloads from the merchant.
We tried many other methods but there always arose a browser/platform issue. The ONLY reliable method has been to provide a direct link to the file for download.
It can create server load and file storage issues if you have a large scale site.
Hope that helps, feel free to contact me off list.
I consulted on a "transition team" for the state of NJ's current governor (J. McGreevey) - after I had help build the previous governor's (C. Whitman) version of the state web site.
The web site has over 1,000,000 documents. Each head honcho wants the site branded to them specifically.
Do that about 1,000 times for each variation. Then use the site's spider engine to index all of the pages where the old name appears and go through manually.
That was soo much fun! Almost as fun as doing my COBOL Y2K contract!
FYI, They have two HUGE semi trucks on 59th (central park south) between 5th and 6th just at the bottom of Central Park. The trucks are very shiny with butterflies all over them. I bet all of the other trucks make fun of them.
They had at least 30 rollerbladers (i.e. fruitbooters) skating around dressed like purple butterflies holding signs. Apparently no one liked them as they said "no one likes us".
Well, how long will it take for them to complete looking at the entire sky? How much have we covered already?
If we are close then, I'll buy that for a buck.
They don't mention the many other requirements.
While it says you need a college degree,
you would need to have gotten it without doing drugs, writing subversive papers, or anything else that a college student would do.
Slashdot Mirror
Borrowing from the virtual link methodology, I think we may have a solution that will work even in IIS.
We will use the free junction command line component, or linkd.exe, or one of the others and run it from our ASP page using ASPExec from ServerObjects.com. Will do the same as the unix version of a virtual link.
So, even if this thread did not help the oroginal poster, it helped us out and that is a good thing.
Give yourselves all +1 karma
Good job!
The borwser/platform issues arise with writing headers to the client. There is NO 100% method for doing so.
We used this method for our 1st and 2nd interations, but had a 5% failure rate as many of our merchnats have AOL and CompuServe (lol) users.
Since the files are deleted after 48 hours, it is not a big deal as the original file paths are not revealed. No system can stop a few rogue people from obtaining files illegally.
The goal of any of these systems should be:
- Prevent the direct leeching of files by posting a download link to the file
- Prevent customers from downloading other files using know methods (paths, naming convetions, etc.)
"Hey wait, more fundamental to caring for your clients' stuff; don't use IIS."
No comment.
How would you create a unique link to the file? They will see the path to the file and then can guess the names of any of the other files.
Links that try to use tricks to redirect, etc. fail becuase of browser/os compatibility issues.
IIS baby!
Not that easy...
How do you stop port snoffers from determining the direct path to the file and posting it on a NG ?
The trick is not to divulge the path to the real files.
erm, that should read 5,000 per week. Shit, I even used that damn preview button. I should walk my fat ass into oncoming traffic.
I developed (insert plug here-http://payloadz.com)
We do about 5,000 transactions per month.
Our method is this (note, this is after 5 iterations of delivery systems- all of which had issues):
- When a customer pays, we create a unique copy of the purchased product and place it in a queue directy for download. This unique file is prefixed with the customers transaction ID, so
"filename.zip" becomes "a1dys3ad4a-filename.zip"
We then provide a direct link to the file. We also send this direct link in an email to the person.
After 48 hours the file is deleted. after which time, the customer must request more downloads from the merchant.
We tried many other methods but there always arose a browser/platform issue. The ONLY reliable method has been to provide a direct link to the file for download.
It can create server load and file storage issues if you have a large scale site.
Hope that helps, feel free to contact me off list.
I consulted on a "transition team" for the state of NJ's current governor (J. McGreevey) - after I had help build the previous governor's (C. Whitman) version of the state web site.
The web site has over 1,000,000 documents. Each head honcho wants the site branded to them specifically.
This is an actual line of process:
Find:
img src="/assets/images/logo_top_gov_whitman.jpg"
Replace with:
img src="/assets/images/logo_top_gov_mcgreevey.jpg"
Do that about 1,000 times for each variation. Then use the site's spider engine to index all of the pages where the old name appears and go through manually.
That was soo much fun! Almost as fun as doing my COBOL Y2K contract!
FYI,
They have two HUGE semi trucks on 59th (central park south) between 5th and 6th just at the bottom of Central Park. The trucks are very shiny with butterflies all over them. I bet all of the other trucks make fun of them.
(in case anyone has a can of repellent)
They had at least 30 rollerbladers (i.e. fruitbooters) skating around dressed like purple butterflies holding signs. Apparently no one liked them as they said "no one likes us".
Then one got clipped by a taxi.
Damn butterflies.
The Priceline Supercomputer would still be running.
Now you will see the power of this FULLY FUNCTIONAL battle station!
Actually the first robot that Tom Selleck was called in to get was a floor vacuum/house cleaning robot.
It got hold of a shotgun.
Not good.
This has been the most educational thread I have ever read on /.
U guys are really nerds.
Well, how long will it take for them to complete looking at the entire sky? How much have we covered already? If we are close then, I'll buy that for a buck.
No, she's actually hot!
Just like the rest of the Windows users.
Not like those damn ugly *nix users.
>>it hides the usual kernel text junk that appears during boot I thought that was the only reason to use Linux!?
Everyone who responded to this thread will be sued in round 4 of the lawsuit :-)
You haven't been to NYC lately then. More Af-Am driving high end cars than WASPs
You guys are friggin too damn smart.
You do mean Farenheit 451 right? Or least the prequel to it. It's a Brave New World!
Drop it out of a plane.
The pron industry is larger than all of the major sport leagues COMBINED. Even before the net it was much bigger.
Porn is #1. RIAA is miniscule compared to this group.
They don't mention the many other requirements. While it says you need a college degree, you would need to have gotten it without doing drugs, writing subversive papers, or anything else that a college student would do.