?
Solved

PDF stamping using PHP or encryption using PHP which is better

Posted on 2010-09-17
6
Medium Priority
?
463 Views
Last Modified: 2012-05-10
Dear experts,

I would like your  knowledge and advice in regards to PDF stamping or encryption using PHP. I have found a couple of API for achieving this but would like some sound advice. I have two PDF books as part of a membership program which I would like to protect as much as possible from theft. I have looked at many solutions on the net for protecting PDF ebooks etc and have tried out many of them. From a users perspective if i had to deal with the complexity of these solutions I would never buy anything again from that company. The best solution seems to be stamping with PHP, as i run a membership site that is selling a product and service I am planning on stamping the name and address and email of the person for added protection, which does not put the user out. I am also wondering that if instead encrypting using PHP and making the encryption password there email will be a better way to prevent over load for my server as I understand that this process is quite processor intense. I would be grateful for some advice regarding this please. What others have used? What you feel is the better solution. What is the best and easiest way to implement this?

Also may I ask when you get the PDF stamped or encrypted is it best to store that copy on the server so that if the user needs to download it again the server does not have to make another copy or is there a better way. I will be restricting my user to a max of 3 downloads to save on bandwidth.

Many thanks as always for your help.
0
Comment
Question by:Lightwalker
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 2
6 Comments
 
LVL 111

Expert Comment

by:Ray Paseur
ID: 33700928
I say stamp it with the client information, and tell your clients they are part of a "membership organization" that protects its valuable intellectual property.

Any way you handle this issue, if someone wants to steal your digital PDF data, they will be able to do it.  So make it easy for your legitimate clients to get what they paid for, and rely on the terms of service to make your copyright enforceable.

Best regards, ~Ray
0
 
LVL 111

Expert Comment

by:Ray Paseur
ID: 33700969
Regarding this, "...it best to store that copy on the server..."

Yes, I think I would do that, and email a link to the client.  You might use an obscure file name to access the file.  You might use a "force download" script that keeps a count of the downloads and makes the file ineligible for future download after three tries.

If the file is not too large and is named sensibly, ending in .PDF, you might send the client an email with the file in an attachment.  However you should be careful not to make this the only strategy because many (more and more) people use wireless handheld devices to access the WWW, and attachments are not always welcome.
0
 

Author Comment

by:Lightwalker
ID: 33705888
Dear Ray,

Thank you again for your comments. I agree with what you are saying. the PDF's are to large to email successfully and I am planning to use a forced download so that I can keep track of the number of downloads. It also means I can remove the PDF that have been downloaded 3 times in order to save space on the server.

I was wondering if you know of the best PDF stamper API, as I am still learning ( and in all honesty will need to hire someone to do this for me) I have found a german company that writes an API for this purpose. I have included the link below:

http://www.setasign.de/products/pdf-php-solutions/setapdf-stamper/

My only concern with this (apart from the price but they seem reputable so I do not mind) is that it appears to use a caching method and I would prefer like you said to store the stamped PDF on the server rather than caching the document.

Any guidance you can give I would be very grateful
0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 
LVL 111

Accepted Solution

by:
Ray Paseur earned 2000 total points
ID: 33707470
Regarding the PDF books... Do you know about FPDF?  It is a PHP class that can create PDF files for you.  If you can make the books by using the FPDF class, you can simply insert your ownership stamp right into the PDF document.  I have used the class many times and found it to be excellent - fast and accurate for both text and graphics.  More information is available here:
http://fpdf.org/

In the code snippet is an example of a force-download script.  The headers work on every browser I have been able to test.  You can easily modify that script to become login-aware and to take the encoded name of the file from the URL string.

As far as login-aware scripts go, I have an article here at EE that describes the design pattern.
http://www.experts-exchange.com/Web_Development/Web_Languages-Standards/PHP/A_2391-PHP-login-logout-and-easy-access-control.html

Hope that helps get your project up and running, ~Ray
<?php // RAY_force_download.php
error_reporting(E_ALL);



// A FILE TO DOWNLOAD - THIS LINK COULD COME IN THE URL VIA $_GET, OR COULD BE GENERATED INSIDE THE SCRIPT
$url = "http://www.google.com/intl/en_ALL/images/logo.gif";

// USE CASE
force_download($url);




// FUNCTION TO FORCE A DOWNLOAD FROM A FILE
function force_download($filename)
{
    // GET A NAME FOR THE FILE
    $basename = basename($filename);

    // GET THE CONTENTS OF THE FILE
    $filedata = file_get_contents($filename);

    if ($filedata)
    {
        // THESE HEADERS ARE USED ON ALL BROWSERS
        header("Content-Type: application-x/force-download");
        header("Content-Disposition: attachment; filename=\"$basename\"");
        header("Content-length: ".(string)(strlen($filedata)));
        header("Expires: ".gmdate("D, d M Y H:i:s", mktime(date("H")+2, date("i"), date("s"), date("m"), date("d"), date("Y")))." GMT");
        header("Last-Modified: ".gmdate("D, d M Y H:i:s")." GMT");

        // THIS HEADER MUST BE OMITTED FOR IE 6+
        if (FALSE === strpos($_SERVER["HTTP_USER_AGENT"], 'MSIE '))
        {
            header("Cache-Control: no-cache, must-revalidate");
        }

        // THIS IS THE LAST HEADER
        header("Pragma: no-cache");

        // FLUSH THE HEADERS TO THE BROWSER
        flush();

        // CAPTURE THE FILE IN THE OUTPUT BUFFERS - WILL BE FLUSHED AT SCRIPT END
        ob_start();
        echo $filedata;
    }

    // ERROR
    else
    {
        die("ERROR: UNABLE TO OPEN $filename");
    }
}

Open in new window

0
 

Author Closing Comment

by:Lightwalker
ID: 33710028
Thank you so much for e help
0
 
LVL 111

Expert Comment

by:Ray Paseur
ID: 33710995
Thanks for the points - it's a great question, ~Ray
0

Featured Post

Does Your Cloud Backup Use Blockchain Technology?

Blockchain technology has already revolutionized finance thanks to Bitcoin. Now it's disrupting other areas, including the realm of data protection. Learn how blockchain is now being used to authenticate backup files and keep them safe from hackers.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

It is possible to boost certain documents at query time in Solr. Query time boosting can be a powerful resource for finding the most relevant and "best" content. Of course the more information you index, the more fields you will be able to use for y…
Originally, this post was published on Monitis Blog, you can check it here . In business circles, we sometimes hear that today is the “age of the customer.” And so it is. Thanks to the enormous advances over the past few years in consumer techno…
The viewer will learn how to dynamically set the form action using jQuery.
The viewer will learn how to create a basic form using some HTML5 and PHP for later processing. Set up your basic HTML file. Open your form tag and set the method and action attributes.: (CODE) Set up your first few inputs one for the name and …
Suggested Courses

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question