Security for direct typing

blelisa's picture

They have: 31 posts

Joined: Aug 2003

Hello Everyone.
Got a quick question, I have downloads page that has files on it that only current clients should have access to. When you access it through the web using our download page you get prompted for your username and password through an .asp page that access a database filled with our client information. This works great.
However, if you direct type to the files, ex: mysite.com/xxxx/filename.file you gain access to these files without have a user name and file.
How do I lock this up? Confused
Thank you very much!

He has: 1,758 posts

Joined: Jul 2002

You need to set a cookie so that the user is remembered. no cookie. no access. simple huh?

Want to join the discussion? Create an account or log in if you already have one. Joining is fast, free and painless! We’ll even whisk you back here when you’ve finished.