Linklocker Free (encrypt download links)

With a very small amount of customization, yes, you could require it to come from a specific page. However, this is not entirely secure either. The request headers of the browser are read to see where the user is coming from. If a malicious person knew what page the requests were supposed to be coming from, they could simply “fake” the header and the site would be none the wiser. One feature that will likely be a saving grace here is that the module allows links to be restricted to a specific member group or groups. Each link can be locked to a different group or set of groups. I would personally recommend a combination of security measures. I believe the module to be a great tool for securing links to assets, but keep in mind that it is a $30 tool, and as such, I make no guarantees, warranties, etc. If you put files or information of value on the internet, you must assume that it is always susceptible to being targeted by unscrupulous persons.

Hey Brad, I’m having a hard time getting Link Locker working, and I suspect it might have something to do with the LG .htaccess Generator module.

Link Locker seem to work as much as it’s generating the URL, but when I click on the link to download the file, I get the error page redirection, which doesn’t parse the EE tag. Here’s my code:

{exp:linklocker url="{resource_file}" expires="10" iplock="off" err_page="{path=insights/tags}"}

The url that results is:

http://newsite.kalypso.com/{path=insights/tags}/

The thing that makes me think that it’s connected to the LG .htacces module, is that when I click to install Link Locker, I get the following error:

Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at /home/kalypso2/public_html/newsite/kalypso_system/modules/linklocker/mcp.linklocker.php:128) in /home/kalypso2/public_html/newsite/kalypso_system/extensions/ext.lg_htaccess_generator_ext.php on line 672

Is this something that might clear up with version 2.0? Is there a change I should make to the LG .htaccess template to get the two to play well together?

Thanks for the hard work on this module, I’m really hoping to be able to use it when we launch the site.

Steve,

It appears some dummy left a blank space on line 128 when the script should be finished. Please open the mcp.linklocker.php file and delete the extra space that appears to be on line 128 after the final “?>”. I’m confident this is the issue. I’ve updated the module to version 1.4.2 and posted a link on the first post of this thread. If you’d prefer, you can simply download the new version and replace your mcp.linklocker.php file with the one included in the .zip.

Thanks, Brad

Wow, thanks for the quick update!

That took care of my module activation error, but I’m still having the other issues. Clicking the link takes me to the error page, and the URL is the one I pasted above, with the EE code in the path…

Try adding single or double quotes around the insights/tags so it looks like path=’insights/tags’. If that doesn’t do the trick, could you attach the template code so I can take a closer look?

[my error: I should have posted this under the “pro” thread; have replicated it there]

I’m implementing the “Pro” version of Linklocker (v.2.4.2), and wondering if you know of any way to query and limit the maximum number of downloads based upon a time limit – not of one particular link, but of all links downloaded by a member (in our case there is one download related to each weblog entry)?

To put it another way …. 😉 we would like each member of a particular group to be limited to a maximum of, say, five different PDF file downloads across our entire EE site during their first 30 days of membership (a “trial” period).

I’d appreciate any advice on how to implement this, and if Linklocker can help (perhaps with an extra hook into the Linklocker_stats extra?); otherwise, I think I will have to implement a counter as some kind of member custom field.

Thanks in advance!

I ended up removing the EE path syntax, and just used an actual path, and it at least processes the URL correctly. The problem is still though that the link to the file results in an error. Here’s my template, though in my experience a lot of stuff gets stripped out. I have two versions of the file download, one using Link Locker, one without, to make sure the real link works.

{exp:weblog:entries weblog="resource" orderby="date" sort="asc" disable="member_data|trackbacks"}

    <div class="resource {resource_type}">
        <h4>{title}{if resource_author}<small>, by {resource_author}</small>{/if}</h4>
        
            {exp:html_strip}{resource_description}{/exp:html_strip}
            {if resource_file}
                {resource_file}<a href="http://{file}" title="{title}">{title}</a>{if row_count != total_rows OR resource_file AND resource_link} | {/if}{/resource_file}
                {resource_file}<a href="http://{exp:linklocker">{title}</a>{/resource_file}
            {/if}
            {if resource_link}
                {resource_link}{row_count}/{total_rows} <a href="http://{url}" title="{title}" target="_blank" rel="noopener">{title}</a>{if row_count != total_rows} | {/if}{/resource_link}
            {/if}
        
        {exp:simpletag:taggify path="{path=insights/tags}" delimiter=",_"}
        <small>{tags}</small>
        {/exp:simpletag:taggify}
    </div>
        
{/exp:weblog:entries}

Edit: This is so irritating, the code wrapper always removes pieces of my templates. I attached the template file, hopefully that works. :)

Hi My link keeps going to the error page. The file is definitely there and linklocker is generating it’s link. I have force query strings on (unfortunately) - could this be causing an issue? I’ve passed in the file as a URL rather than the file extension tag and it still doesn’t work.

Here is my code:

<a href = "{exp:linklocker url='{file_url}' expires='10' iplock='off' err_page='http://www.example.com' }" title = "{file_name}">{title} download</a></li>

Please check that the weblog holding the file_url variable is set for “no formatting”. Also, you may try temporarily removing the linklocker tag and just populating the href with the file_url variable and see what happens.

I’m getting an error:

Fatal error: Call to a member function fetch_param() on a non-object in /home/admin/public_html/system/modules/linklocker/mod.linklocker.php on line 96

I checked the .htaccess file and there’s nothing relevant. Line 96 seems to relate to the “expires” parameter, but with or without using it I get the same error. I’ve tried:

{exp:linklocker url='{sotm_link}' }

and

{exp:linklocker url='{sotm_link}' expires='60'}

and the path in “sotm_link” is valid otherwise.

Hi Brad,

First off sorry everyone for the extra point towards the post.

I was just installing this module today again on my server and I originally had it working (and it still does) fine on :

http://www.example.com

with its own database etc…

I am now setting up a second install on the same server located here :

http://www.example.com/secondinstall

This has a separate database so basically just ExpressionEngine installed in a separate folder but on the same server.

I have placed the bog standard LinkLocker tag into a template and hard-coded a link to a file which definitely exists on the server because if I type it in manually then it shows (file is a png image). If I try the output that the module gives though it just loads the template but I get a totally blank template, no download initiates or anything.

I then went back to my original ExpressionEngine install - http://www.example.com and tried the exact same thing there and it works fine, plus the link that the module created seemed a lot lot shorter.

So basically I was just wondering can this still work from within a sub-folder separate install on the same server? I would guess that it should work but for some reason I can’t see why it isn’t.

One other thing to mention is that I tried the exact same tag code from the second install in a template on the first install and it downloads the file from the sub-folder fine!! Really don’t understand why it won’t work straight from the second install though?

Any help would be greatly appreciated.

Best wishes,

Mark

Hey Mark,

I can’t say why you’re having this issue. To be honest, I’ve never tried installing EE to a subfolder. If you would like for me to jump on the server and take a look at it, perhaps you could PM me the details, an EE login for the installation, and FTP access so I can debug? If not, I’ll try to find the time in the near future to install to a subfolder and see if I can duplicate the issue.

Thanks, Brad

If you would like for me to jump on the server and take a look at it, perhaps you could PM me the details, an EE login for the installation, and FTP access so I can debug? If not, I’ll try to find the time in the near future to install to a subfolder and see if I can duplicate the issue. Thanks, Brad

It’s not too much of an issue really. This was never going to be for a live site more of a site that I could just test things out on really, sort of a play-bed so I’m not too fussed.

Just seemed a bit weird that it didn’t want to play nice in a sub-folder. I might take a look at your code and see if I can spot anything anywhere a bit later this week. Did seem a little strange though that the link was WAY longer just because of being in a sub folder though.

Anyway don’t lose any sleep over it, if you or anyone else does get a chance to try this out and finds anything out then it would be nice to know what is causing it but it’s not anything mission critical so it can definitely wait if needs be,

Thanks again for a great module.

Best wishes,

Mark

Hey Brad,

I’m still having the issue I mentioned in my PM yesterday. To recap for the folks reading the thread… the module does mask/encrypt the URL to files. But, when a file is downloaded it seemed to be “damaged” OR the file brings up a blank page in the browser (doesn’t matter if it’s a jpg or pdf or whatever).

As you kindly suggested, I tried and/or checked the following:

• The link being passed in is a valid URL
• The link is being passed in using nGen File Field / Field Frame so the text formatting isn’t even an option
• I’ve been able to download / view the files, undamaged, using the exact URL / link.

All of those things above bring up a blank browser page.

So, I also tried adding the domain to the file’s path so the download link would reference a full URL. That gives me the “damaged” file I mentioned previously (like described here: http://ellislab.com/forums/viewthread/79187/P108/#460779

The last thing is .htaccess of course. I’m no .htaccess expert by any means, but I did try removing any code in there and reverting to including “index.php” in the URL and came up with the same result (blank browser page).

I’m really stuck. 😊