Hide web address

[pcdctr]

I am creating a secure web page that buyers can go to after they pay to download the content. Is there a java script I can use to hide the web address so they cant tell others where to go and by pass my payment system? any help would be appreciated. The download page is hid from the other htm pages and not part of my links, but just would like to hide the address when the download page comes up to keep it simple.

pcdctr

[John]

I'm not sure if JavaScript is the way to go. What you want to do is create a user system with access permissions. After a user pays he is granted special permissions to that section of the site.

Not very hard to do with PHP.

[Jordan]

You could create a new window with the menu and navigation bar gone:

HTML Code:

window.open('http://www.codecall.net','CodeCall!','location=no','menubar=no')

But I think the URL will still show up in history.

For more info on this: Opening a New Window With JavaScript

[Jordan]

Quote:

Originally Posted by Sidewinder

I'm not sure if JavaScript is the way to go. What you want to do is create a user system with access permissions. After a user pays he is granted special permissions to that section of the site.

Not very hard to do with PHP.

This is probably a better idea than the JavaScript route....

[oubless]

Do NOT use java script for such things!!!
java script is not intended to be used for security purposes. It can ( in most cases ) be disabled or manipulated! You can not hide the address where the user is downloading from - he can check it in many ways:
- A download manager with a field showing that address
- In the history of the browser
- By using right click -> info ( depending on the browser, in firefox - View page info, Here is says:
CodeCall Programming Forum - Reply to Topic:
Address:http://forum.codecall.net/newreply.p...uote=1&p=19662
...)
- By some program/function allowing him to view your code/ the HTTP request text...
- A lot more I can't think of right now.

To perform this security:
use user authorization for that address ( HTTP protocol supports it )
use some authorization made in a server side language and return application instead of text/html ( i.e. you can check IP, allow download only once, etc.)
If you are trying to protect the resources that you allow someone to download and not the possibility to download this will not work AT ALL. If those resources are useful they will be uploaded illegally somewhere for free by someone in short period of time. Try protecting them with license and some inner defensive function. Good luck