?
Solved

securing pdf files in an application

Posted on 2004-03-28
4
Medium Priority
?
171 Views
Last Modified: 2013-12-24
Hi there.

Im trying to build an application that secures pdf files so that no one can upload them just by typing in the url.
They need to be in a secured directory and then accessed via a coldfusion page.
I have tried this but the only way I can seem to do this is via:

<cfheader
name="Content-Disposition"
value="attachment; filename=#filename#">
<cfcontent
type="application/unknown"
file="#filepath#">

Ive tried using application/pdf to display the page in the browser but all this seems to do is output the actual pdf code.
Any ideas?

Also thinking about storing the pdf's in a sql server database. Has anyone had any experience with this and also retrieving the pdf files?

Thanks Heaps
0
Comment
Question by:ipulse2
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
4 Comments
 

Accepted Solution

by:
ftvcs earned 1000 total points
ID: 10702629
I'd try something like this:

<cfif CGI.HTTP_REFERER eq"frompage.cfm">
<cfcontent type = "application/pdf"
  file = "c:\files\files1.pdf"> <!--- path not accesible from internet--->
</cfif>

If you have questions, don't hesitate to ask.

Tom
0
 
LVL 9

Assisted Solution

by:shooksm
shooksm earned 1000 total points
ID: 10704139
This works for me:

<cfheader name="content-disposition" value="inline;filename=#URLEncodedFormat(filename)#">
<cfcontent type="application/pdf" file="#filepath#" reset="yes">

Also, make sure your PDF files actually end with a PDF extension.

As far as saving them in the database, although it is possible.  It is not recommended.  The file system of your webserver is much faster at retrieving files than making a call do a database server.  Also, you can not output binary variables directly from Cold Fusion.  You have to save them as a local file using CFFILE then you use CFCONTENT to send them to the browser.  So, since you are sticking the file on the hard drive of the web server anyways, why not just keep it there in the first place.  Hope this helps.
0

Featured Post

Complete VMware vSphere® ESX(i) & Hyper-V Backup

Capture your entire system, including the host, with patented disk imaging integrated with VMware VADP / Microsoft VSS and RCT. RTOs is as low as 15 seconds with Acronis Active Restore™. You can enjoy unlimited P2V/V2V migrations from any source (even from a different hypervisor)

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Article by: kevp75
Hey folks, 'bout time for me to come around with a little tip. Thanks to IIS 7.5 Extensions and Microsoft (well... really Windows 8, and IIS 8 I guess...), we can now prime our Application Pools, when IIS starts. Now, though it would be nice t…
Lease-to-own eliminates the expenditure of hardware replacement and allows you to pay off the server over time. Usually, this is much cheaper than leasing servers. Think of lease-to-own as credit without interest.
NetCrunch network monitor is a highly extensive platform for network monitoring and alert generation. In this video you'll see a live demo of NetCrunch with most notable features explained in a walk-through manner. You'll also get to know the philos…
In this video, Percona Solution Engineer Dimitri Vanoverbeke discusses why you want to use at least three nodes in a database cluster. To discuss how Percona Consulting can help with your design and architecture needs for your database and infras…

800 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question