Support the ongoing development of Laravel.io →
posted 10 years ago
Requests
Last updated 2 years ago.
0

You don't need to move it to accomplish this.

Lets say your web app is running here

/home/lar/app
/home/lar/public

And lets say your MP3 files live outside that folder

/usr/local/datastore/MP3s/

Make a table that stores download tokens and has fields to expire and mark downloads as used.

tblDownloadTokens

id | token | file | expires_on | used_on
_____________________________
1 | xyz | this.mp3 | 15/01/01 | Null

What you want to do is send the user to a download method and pass in the token

http://example.com/download_mp3?token=xyz

Your method checks the token to discover the file they want. Grabs the file and returns it in the response.

$file = select file from tblDownloadTokens where token = $token and used_on is Null and expires_on > now()

if $file:
update tblDownloadTokens set used_on = now() where token = $token
return Response::download('/usr/local/datastore/MP3s/' . $file);

Now you never have a public path to the MP3 and the token only works once, you never have to move or delete the file. As long as the folder that the MP3s live in permissions are set up properl, this will work. The MP3 folder needs only to belong to the same group or user apache is running as. Just make your tokens very complex

Last updated 2 years ago.
0

Sign in to participate in this thread!

Eventy

Your banner here too?

Terumi terumi Joined 13 Feb 2014

Moderators

We'd like to thank these amazing companies for supporting us

Your logo here?

Laravel.io

The Laravel portal for problem solving, knowledge sharing and community building.

© 2025 Laravel.io - All rights reserved.