开发者

PHP possible to lock downloaded content?

I am currently working on a project that will work on a membership system. The theory behind the website is that you can download electronic (PDF) versions of a magazine, if you are a paying member of the website.

The problem arises in that after downloading the PDF it can be sent to anyone and accessed by anyone. Is there a way to only allow the member that paid for the PDF access to it. Is there a 3rd party service that could host the PDF's and allow them to re开发者_C百科ad by the user at a unique URL that holds a random string unique to that download?

Being able to stop the ability to openly distribute the PDF's and view them without being a member is paramount.

Does anyone of have any ideas? Basically I am looking for a DRM like system for PHP (I am assuming it is impossible)


Render their name, credit card number and valid thru date on every single page.


Password protect the PDF with a passkey that is unique to the user who has downloaded it (such as their password for your site). There's nothing to stop the registered user giving away their passkey to anybody else that they give a copy of the file to though.


You can hide the PDF's URL from the user by using a download.php together with an ID that will only deliver files to the user if he/she has the appropriate rights. This way you can prevent users from sending the download-link to somebody else. Users without the proper credentials won't be able to start the download then ...

But: As soon as the PDF left your server (even if a second user may not be able to download it), the first user can do whatever he/she likes with it. Even if you encrypt your PDFs, hide them in password-protected ZIP-archives, lock them in a chest and bury them six feet underground ... the first user must have the information to read the PDF and can give it to anybody else ...


If users can read the text on their computer screen then it's already on their machine. In that case your only ally against unsolicited copying is ignorance.

In other words, it's sensible to make the copying of text as difficult as possible.

For example, don't offer the PDF directly but display it through a Flash-based reader. Then the only way for users to copy it is to make a screenshot of each page. Which is the best "copy-protection" you can get without using heavy-handed encryption in combination with a physical security token.

And of course, you can include sensitive information on every page, such as names, passwords etc to make the theoretical copying process even more ardous.


How about this--rather than --giving-- them a copy that they can do whatever with, why not give them access to a Flash-based "pageflip" system with your pdf on it. You control access to the page via login, and you also control the content.

ANY code or content that you give to the user can be stolen. It just depends on the energy and knowledge of your user as to how many will steal it. Many times, the tougher the protection, the more likely they are to share it with others...hence, the plethora of Adobe CS5 downloads on Warez sites.

(Yes, for those of you who will inevitably point it out, I can steal flash too, but it's a lot of work!)

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜