There is a requirement that users pay to download a compressed package. After paying, they can download it several times or unlimited times.
Then the problem comes
How to avoid exposing the path of the compressed package so that the paying person can forward it to others for download?
Let the download link have a time limit?
My idea is to have a table to record the paid user ID corresponding to the compressed package ID, so that only this user can download it.
But is there another or better way?
ps:PHP
There is a requirement that users pay to download a compressed package. After paying, they can download it several times or unlimited times.
Then the problem comes
How to avoid exposing the path of the compressed package so that the paying person can forward it to others for download?
Let the download link have a time limit?
My idea is to have a table to record the paid user ID corresponding to the compressed package ID, so that only this user can download it.
But is there another or better way?
ps:PHP
I have sorted out my ideas, just for theoretical reference, and the general analysis is as follows:
A user table, a resource table, and a record table. The record table records information such as whether the user paid for downloads, download time and other information.
You should be clear about the above information, which is roughly the same as what you described. The main problem should be the processing of download resource paths and permissions
The user operation process should be:
Resource list - Paid resource details - Create paid resource record - Generate static download link or dynamic link
Download link is a very common resource path. It should be a dynamic path. In order to associate the resource, we need to attach a record ID
<code> // 非
……resname.zip
// 是
index.php?id=1&…</code>There is a time limit and time comparison is definitely required. Before downloading, compare the current time with the creation record time and validity period in the controller. If it expires, subsequent downloads will not be allowed to continue
The controller of the download link must determine whether the user is logged in, and whether the paid user ID in the record ID is consistent with the current login ID. The download is allowed only if they are consistent, otherwise the download is not allowed
![[Web front-end] Node.js quick start](https://img.php.cn/upload/course/000/000/067/662b5d34ba7c0227.png)
