can have a time expired link?

D

diablo

Hi

I want to offer a download to people for a certain amount of time - after
the link expires.

basically the setup is that they buy an ebook and receive an email with a
link to download - but the link should only be valid for a week.

anyway to do that?

Thanks in advance

D
 
M

Martin Magnusson

diablo said:
I want to offer a download to people for a certain amount of time - after
the link expires.

basically the setup is that they buy an ebook and receive an email with a
link to download - but the link should only be valid for a week.

I don't believe that's possible using only HTML. You would have to
remove the file manually or have a server-side script to automate it.

/ martin
 
R

Roy Schestowitz

Martin said:
I don't believe that's possible using only HTML. You would have to
remove the file manually or have a server-side script to automate it.

/ martin

Create one file with the link in existence, say index.html

Create another file without the link, say index2.html

Set up a cron job for the day of expiry, say:

20 22 24 * * cp ~/index2.html ~/index.html; rm ~/index2.html

(this can be made more elegant, I know)

It will remove the link at 10:20 PM on the 24th of the month.

Roy
 
M

Mitja

Set up a cron job for the day of expiry, say:
20 22 24 * * cp ~/index2.html ~/index.html; rm ~/index2.html

Which is still a server side script, although admittedly not one that
interacts with the server. And using cron for this kind of job is at best
not overly elegant, either...

I'd go for a database (can ba plain-textfile based one) with valid/active
"passwords". Each time a user pays for the book, your script generates a
new password (usu called a hash, since it's just a long mess of randomly
mixed characters and numbers) and adds it to the database along with a
timestamp. The password is given to the user. If he wants to download the
book, he must pass this code to a script which checks whether the code
exists in the database at all and whether it's expired already or not. If
all's fine, it sends the book, else an error message.

This way you can also track misuses (e.g. one password used 50 times) or
warn users if you see they haven't yet donwloaded the book but their code
is about to expire, etc etc.
 
R

Roy Schestowitz

Mitja said:
Which is still a server side script, although admittedly not one that
interacts with the server. And using cron for this kind of job is at best
not overly elegant, either...

I'd go for a database (can ba plain-textfile based one) with valid/active
"passwords". Each time a user pays for the book, your script generates a
new password (usu called a hash, since it's just a long mess of randomly
mixed characters and numbers) and adds it to the database along with a
timestamp. The password is given to the user. If he wants to download the
book, he must pass this code to a script which checks whether the code
exists in the database at all and whether it's expired already or not. If
all's fine, it sends the book, else an error message.

This way you can also track misuses (e.g. one password used 50 times) or
warn users if you see they haven't yet donwloaded the book but their code
is about to expire, etc etc.

That's still quite laborious. How about changing that cron job to a simple
chmod command. You don't need to hold duplicate files, _but_ it assumes
that the link points to something on the same server. You can make it very
flexible, for example:

0 9 * * * chmod 644 ~/index.html
0 17 * * * chmod 600 ~/index.html

will ensure the link (destination) is alive (accessible) only between 9 and
5.

Roy
 
M

Mitja

That's still quite laborious. How about changing that cron job to a
simple chmod command.

Hmm.... can't help, still think my way is cleaner, easier to automate and
therefore less prone to errors - not to mention /less/ laborious in the
long run. No manual messing with cron.tab. Just to show you such a script
is not too complicated, here's an example in python (not tested, very
probably has some errors):

import string
import random
import time
import sys

def makeLink():
"returns the hash from which to create the link of form
getBook.py?hash=..."
hash = ''.join([random.choice(string.ascii_uppercase) for i in
range(32)]);
f = open('hash.db','a')
f.write(hash+' '+`time.time()`)
f.close()
return hash

def get(hash):
"when the script is called with an actual hash, call this func to check
if it's a valid one"
db = dict([line.split() for line in open('hash.db')])
try:
assert time.time()-db[hash] < 3600*24*7
sys.out.write('content-type:
application/x-pdf\n\n'+open('theBook.pdf').read())
except KeyError, AssertionError:
sys.out.write('content-type: text/plain\n\nInvalid or expired hash.')

Now for a real, running script of course you'd want to fancy it up a bit,
but the above few lines generally cover all of idea.
 
D

diablo

hi

i think this is a good idea - thanks for the help

D

Mitja said:
That's still quite laborious. How about changing that cron job to a
simple chmod command.

Hmm.... can't help, still think my way is cleaner, easier to automate and
therefore less prone to errors - not to mention /less/ laborious in the
long run. No manual messing with cron.tab. Just to show you such a script
is not too complicated, here's an example in python (not tested, very
probably has some errors):

import string
import random
import time
import sys

def makeLink():
"returns the hash from which to create the link of form
getBook.py?hash=..."
hash = ''.join([random.choice(string.ascii_uppercase) for i in
range(32)]);
f = open('hash.db','a')
f.write(hash+' '+`time.time()`)
f.close()
return hash

def get(hash):
"when the script is called with an actual hash, call this func to check
if it's a valid one"
db = dict([line.split() for line in open('hash.db')])
try:
assert time.time()-db[hash] < 3600*24*7
sys.out.write('content-type:
application/x-pdf\n\n'+open('theBook.pdf').read())
except KeyError, AssertionError:
sys.out.write('content-type: text/plain\n\nInvalid or expired hash.')

Now for a real, running script of course you'd want to fancy it up a bit,
but the above few lines generally cover all of idea.
 
J

JDS

Which is still a server side script, although admittedly not one that
interacts with the server. And using cron for this kind of job is at best
not overly elegant, either...

And also assumes some Unix varient as the server OS. What about a Winders
box?
 
J

JDS

I want to offer a download to people for a certain amount of time - after
the link expires.

basically the setup is that they buy an ebook and receive an email with a
link to download - but the link should only be valid for a week.

anyway to do that?

If you are using Apache, you can set this up using mod_rewrite.

See:
http://httpd.apache.org/docs-2.0/misc/rewriteguide.html

Specifically the section titled "Time-Dependent Rewriting"

You can put the Rewriting directives in a .htaccess file in the same
directory on the server where the file(s) to which you wish to control
access.

later...
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Members online

No members online now.

Forum statistics

Threads
473,744
Messages
2,569,483
Members
44,903
Latest member
orderPeak8CBDGummies

Latest Threads

Top