Solved

ColdFusion Document Download - Part 2

Posted on 2010-09-10
9
180 Views
Last Modified: 2013-12-24
Hi,
This is in reference to question : http://www.experts-exchange.com/Software/Server_Software/Web_Servers/ColdFusion/Q_26461687.html

I understand now how to do a secure document download in ColdFusion using CFHeader and CFContent (thanks).

Q:  I'm not sure of the flow:
I have a page of icons/buttons/links that represent different documents that can be downloaded by the user.  When the user clicks one of these icons, what is the flow to download the document and redisplay the page?  Do I have to leave/reload the page - or is that more of a JScript or JQuery question?

Do I just go to another page (via a link), do the download and then CFlocation back to redisplay the original page of doc links?

Thanks in advance,
hefterr
0
Comment
Question by:hefterr
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 4
9 Comments
 
LVL 52

Accepted Solution

by:
_agx_ earned 500 total points
ID: 33647406
You don't have to leave the page.  Link to another page that returns the file as a download. The browser will just display a download/save as prompt. But never leave the current page.

0
 
LVL 1

Author Comment

by:hefterr
ID: 33647708
Hi aqx,
Thanks for the tip.  I'll try it it out but may not get to it until Monday.  So I haven't forgotten about it!!
0
 
LVL 52

Expert Comment

by:_agx_
ID: 33647822
No worries ;-) Enjoy the weekend.
0
Get MySQL database support online, now!

At Percona’s web store you can order your MySQL database support needs in minutes. No hassles, no fuss, just pick and click. Pay online with a credit card.

 
LVL 1

Author Comment

by:hefterr
ID: 33647823
Hi aqx,
I gave it a quick try.  It WORKS!!!  I think I owe you 250 beers now :)

thanks (again),
hefterr
0
 
LVL 1

Author Comment

by:hefterr
ID: 33647962
Oh - no!  After all this time I just noticed it's :"agx" (not aqx) .  Actualy it seems like it  "_agx_" ?

1,000  appologies.

hefterr
0
 
LVL 52

Expert Comment

by:_agx_
ID: 33648066
lol. Virtual beers are _very_ potent, so I probably shouldn't drink them all at once.

>> 1,000  appologies.

No worries.  I knew what you meant ;-) We'll blame it on the EE font/css.  

0
 
LVL 52

Expert Comment

by:_agx_
ID: 33648090
( Yeah, I'm definitely blaming it on the EE's CSS. Looking at it now, *I* can't even tell it's _agx_ .. and it's my own nickname ! ;-)

0
 
LVL 1

Author Comment

by:hefterr
ID: 33653158
Hi _agx_ (got it right this time),
One last question on the download issue.

I assume the original link woud go to a program that should again verify the credentials of the user before starting the download.  Otherwise you are just basically trading one unsecure link link for another.  In other words, anyone could still use the original link in the HTML to access the file.  It would just invoke a second program that serves it up.  So both programs have to verify the credentials of the user.  The first to provide the link and the 2nd to actually push the file.

thanks again,
hefterr
0
 
LVL 52

Expert Comment

by:_agx_
ID: 33658795
Sorry for the delay...

That all depends on how you're validating the credentials...  I'd assume you're requiring users to login in first via some *.CFM page. If the login is successful, you set a few session variables.  So if you wanted to verify the user was logged in, you'd need to link to a *.cfm script (not *.html page).   The .cfm script would then verify credentials, and redirect the user if they were NOT logged in.
0

Featured Post

U.S. Department of Agriculture and Acronis Access

With the new era of mobile computing, smartphones and tablets, wireless communications and cloud services, the USDA sought to take advantage of a mobilized workforce and the blurring lines between personal and corporate computing resources.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you don't have the right permissions set for your WordPress location in IIS, you won't be able to perform automatic updates. Here's how to fix the problem.
When it comes to showing a 404 error page to your visitors, you do not want that generic page to show, and you especially do not want your hosting provider’s ad error page to show either. In this article, I will show you how to enable the custom 40…
NetCrunch network monitor is a highly extensive platform for network monitoring and alert generation. In this video you'll see a live demo of NetCrunch with most notable features explained in a walk-through manner. You'll also get to know the philos…
Monitoring a network: how to monitor network services and why? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the philosophy behind service monitoring and why a handshake validation is critical in network monitoring. Software utilized …
Suggested Courses

615 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question