Publisher review:XOOPS WF-Downloads is so-called safe-download-links hack for WF-Downloads module of XOOPS. Let me explain, how it works.
Let's suppose, you have download section on your site, that is available to certain users only. And, there is a bad guy, who wants to share your files with everyone on the net. How can this guy share your files with everybody, if he doesn't want to share his login and pass, doesn't want to upload all files to anywhere and likes to keep his secrecy?
He simply clicks onhttp://www.mysite.net/modules/wfdownloads/visit.php?cid=12&lid=10 link and looks, where xoops will redirect him. visit.php script makes increment of the download counter and then redirects him to actual file link, you entered, when created download. Xoops redirects him tohttp://www.mysite.net/myhiddenxoopsdownloads/MyFile.zip and bad guy gives this links to all who wants to take it.How to protect from this? You can protect this 'myhiddenxoopsdownloads' directory with .htaccess and .htpasswd files, but this will require al registered users enter their login and pass twice: once logging in to xoops downloads section and tghe next one when they will click on every link.Let me suggest another solution. I developped hack for WF-Downloads that never gives your user direct link to file. User can download file only throught visit.php script, which does all permission checking etc.
XOOPS WF-Downloads is a PHP script for Other Modules scripts design by xoops.
It runs on following operating system: Windows / Linux / BSD.
XOOPS WF-Downloads is so-called safe-download-links hack for WF-Downloads module of XOOPS.
Operating system:Windows / Linux / BSD