Solved

securing pdf files in an application

Posted on 2004-03-28
4
168 Views
Last Modified: 2013-12-24
Hi there.

Im trying to build an application that secures pdf files so that no one can upload them just by typing in the url.
They need to be in a secured directory and then accessed via a coldfusion page.
I have tried this but the only way I can seem to do this is via:

<cfheader
name="Content-Disposition"
value="attachment; filename=#filename#">
<cfcontent
type="application/unknown"
file="#filepath#">

Ive tried using application/pdf to display the page in the browser but all this seems to do is output the actual pdf code.
Any ideas?

Also thinking about storing the pdf's in a sql server database. Has anyone had any experience with this and also retrieving the pdf files?

Thanks Heaps
0
Comment
Question by:ipulse2
4 Comments
 

Accepted Solution

by:
ftvcs earned 250 total points
ID: 10702629
I'd try something like this:

<cfif CGI.HTTP_REFERER eq"frompage.cfm">
<cfcontent type = "application/pdf"
  file = "c:\files\files1.pdf"> <!--- path not accesible from internet--->
</cfif>

If you have questions, don't hesitate to ask.

Tom
0
 
LVL 9

Assisted Solution

by:shooksm
shooksm earned 250 total points
ID: 10704139
This works for me:

<cfheader name="content-disposition" value="inline;filename=#URLEncodedFormat(filename)#">
<cfcontent type="application/pdf" file="#filepath#" reset="yes">

Also, make sure your PDF files actually end with a PDF extension.

As far as saving them in the database, although it is possible.  It is not recommended.  The file system of your webserver is much faster at retrieving files than making a call do a database server.  Also, you can not output binary variables directly from Cold Fusion.  You have to save them as a local file using CFFILE then you use CFCONTENT to send them to the browser.  So, since you are sticking the file on the hard drive of the web server anyways, why not just keep it there in the first place.  Hope this helps.
0

Featured Post

Comprehensive Backup Solutions for Microsoft

Acronis protects the complete Microsoft technology stack: Windows Server, Windows PC, laptop and Surface data; Microsoft business applications; Microsoft Hyper-V; Azure VMs; Microsoft Windows Server 2016; Microsoft Exchange 2016 and SQL Server 2016.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In our day to day coding, how many times have we come across a necessity to check whether a URL is a broken link or not? For those of you that answered countless and are using ColdFusion like myself, then this article is for you.  It will show yo…
Lease-to-own eliminates the expenditure of hardware replacement and allows you to pay off the server over time. Usually, this is much cheaper than leasing servers. Think of lease-to-own as credit without interest.
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…

829 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question