Solved

securing pdf files in an application

Posted on 2004-03-28
4
170 Views
Last Modified: 2013-12-24
Hi there.

Im trying to build an application that secures pdf files so that no one can upload them just by typing in the url.
They need to be in a secured directory and then accessed via a coldfusion page.
I have tried this but the only way I can seem to do this is via:

<cfheader
name="Content-Disposition"
value="attachment; filename=#filename#">
<cfcontent
type="application/unknown"
file="#filepath#">

Ive tried using application/pdf to display the page in the browser but all this seems to do is output the actual pdf code.
Any ideas?

Also thinking about storing the pdf's in a sql server database. Has anyone had any experience with this and also retrieving the pdf files?

Thanks Heaps
0
Comment
Question by:ipulse2
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
4 Comments
 

Accepted Solution

by:
ftvcs earned 250 total points
ID: 10702629
I'd try something like this:

<cfif CGI.HTTP_REFERER eq"frompage.cfm">
<cfcontent type = "application/pdf"
  file = "c:\files\files1.pdf"> <!--- path not accesible from internet--->
</cfif>

If you have questions, don't hesitate to ask.

Tom
0
 
LVL 9

Assisted Solution

by:shooksm
shooksm earned 250 total points
ID: 10704139
This works for me:

<cfheader name="content-disposition" value="inline;filename=#URLEncodedFormat(filename)#">
<cfcontent type="application/pdf" file="#filepath#" reset="yes">

Also, make sure your PDF files actually end with a PDF extension.

As far as saving them in the database, although it is possible.  It is not recommended.  The file system of your webserver is much faster at retrieving files than making a call do a database server.  Also, you can not output binary variables directly from Cold Fusion.  You have to save them as a local file using CFFILE then you use CFCONTENT to send them to the browser.  So, since you are sticking the file on the hard drive of the web server anyways, why not just keep it there in the first place.  Hope this helps.
0

Featured Post

Raise the IQ of Your IT Alerts

From IT major incidents to manufacturing line slowdowns, every business process generates insights that need to reach the people required to take action. You need a platform that integrates with your business tools to create fully enabled DevOps toolchains.

You need xMatters.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A web service (http://en.wikipedia.org/wiki/Web_service) is a software related technology that facilitates machine-to-machine interaction over a network. This article helps beginners in creating and consuming a web service using the ColdFusion Ma…
Lease-to-own eliminates the expenditure of hardware replacement and allows you to pay off the server over time. Usually, this is much cheaper than leasing servers. Think of lease-to-own as credit without interest.
Michael from AdRem Software outlines event notifications and Automatic Corrective Actions in network monitoring. Automatic Corrective Actions are scripts, which can automatically run upon discovery of a certain undesirable condition in your network.…
If you’ve ever visited a web page and noticed a cool font that you really liked the look of, but couldn’t figure out which font it was so that you could use it for your own work, then this video is for you! In this Micro Tutorial, you'll learn yo…

691 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question