• Resolved WordPMTL

    (@wordpmtl)


    I’m building a secure portal where, once logged in, a given user will see any PDFs that are associated with them.

    These files are uploaded in the backend with the regular media uploader, and I use Pods to extend the Media content type to have additional fields where we can associate the file with different users.

    It is working well, but the problem is that when they click the PDF link, the URL is a standard WordPress URL (…/wp-content/uploads/2014/08/filename.pdf).

    This isn’t secure since someone could guess the URLs of different files. So I was wondering if there is a way to still upload files from the backend, but have each file end up in its own unique directory (e.g. …/wp-content/uploads/sh729fhh344/filename.pdf)

    Perhaps that alone isn’t even secure enough and there’s an even stronger solution someone might recommend.

    Thanks very much in advance.

Viewing 4 replies - 1 through 4 (of 4 total)
  • There are ways of doing it, but they are a little advanced. If you’re not too bad with your coding, then this shouldn’t be too hard.

    When I’ve done this before, I’ve set up a stand-alone script that will receive the file ID, check that the user is allowed to access that file, and then output the file to the user. The URL that the user gets is something like ‘www.mysite.com/download.php/?file=2’. The only thing that you need to remember is to set the headers correctly for the file’s MIME type, and then you can directly output the file to the user and close the script after it. As a (very brief) example…

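    <?php
    // Stand-alone script: load WordPress first so its functions are available.
    // The path assumes this file sits in the WordPress root directory.
    require_once __DIR__ . '/wp-load.php';

    // Treat the request value as an integer attachment ID.
    $file_id = isset ($_GET ['file']) ? absint ($_GET ['file']) : 0;

    // Check for allowed access: placeholder that denies everyone until it is
    // replaced with the site's own test of the logged-in user against this file.
    $allowed = false;

    if ($allowed) {
        $file_location = get_attached_file ($file_id);

        header ('Content-type: application/pdf');  // Set whichever headers you need for this file type
        echo file_get_contents ($file_location);
        die ();
    }
    else {
        wp_die ('You are not allowed to access the file');
    }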
    Thread Starter WordPMTL

    (@wordpmtl)

    Thank you Catacaustic, that was a really helpful reply! Exactly what I needed and it’s up and running beautifully.

    Now I will just need to see how to handle different filetypes on the fly, and how to allow it to download rather than load the file.

    Thanks again.

    Thread Starter WordPMTL

    (@wordpmtl)

    Hi Catacaustic,

    The system has been working like a charm but I just learned that IE8 doesn’t work well with it. The “View” and “Download” options I built using your suggestions simply fail to load the PDF.

    My first thought is to tell the client to just upgrade to a good browser. But they are required to use it. Any idea if this is a known limitation of IE8 or something else?

    Thanks!

    I don’t personally know, but there’s a very good chance that IE8 doesn’t work well, and you’ll need some extra headers set. As for what they are... I can’t tell you. There are a few million places around the web that discuss what’s needed for forcing downloads, so a few quick searches should give you some ideas.
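
Added example, not part of any post in this thread: the download script from the first reply, extended with a per-user check, the attachment's own MIME type, and a choice between viewing and downloading. The meta key `portal_allowed_users`, the function `portal_user_can_access`, the `download` query parameter and the `wp-load.php` path are assumptions made for illustration.

```php
<?php
// Added example. Assumptions: this file sits in the WordPress root, and the
// IDs of the users allowed to see an attachment are stored as post meta under
// the hypothetical key 'portal_allowed_users' (substitute your own field name).
require_once __DIR__ . '/wp-load.php';

// Per-file authorization. Fails closed on bad IDs, non-attachments, odd meta.
function portal_user_can_access($file_id, $user_id) {
    if ($file_id <= 0 || $user_id <= 0 || get_post_type($file_id) !== 'attachment') {
        return false;
    }
    $raw = (array) get_post_meta($file_id, 'portal_allowed_users', false);
    $allowed = array_map('intval', array_filter($raw, 'is_numeric'));
    return in_array($user_id, $allowed, true);
}

$file_id = isset($_GET['file']) ? absint($_GET['file']) : 0;
$user_id = get_current_user_id(); // 0 when nobody is logged in
$path    = portal_user_can_access($file_id, $user_id) ? get_attached_file($file_id) : false;

if (!$path || !is_readable($path)) {
    // One response for "no such file" and "not yours", so IDs cannot be probed.
    wp_die('You are not allowed to access the file', 'Forbidden', array('response' => 403));
}

// Take the MIME type from the attachment record, never from the request.
$mime = get_post_mime_type($file_id);
if (!$mime) {
    $mime = 'application/octet-stream';
}

// ?download=1 asks for a save dialog; otherwise the browser may display the file.
$disposition = empty($_GET['download']) ? 'inline' : 'attachment';
// Restrict the name to safe characters so it cannot alter the header.
$name = preg_replace('/[^A-Za-z0-9._-]/', '_', basename($path));

header('Content-Type: ' . $mime);
header('Content-Disposition: ' . $disposition . '; filename="' . $name . '"');
header('Content-Length: ' . filesize($path));
header('X-Content-Type-Options: nosniff'); // stop the browser guessing another type
header('Cache-Control: private');          // keep the response out of shared caches

// Stream from disk rather than reading the whole file into memory.
while (ob_get_level() > 0) {
    ob_end_clean();
}
readfile($path);
exit;
```

The script only controls requests that go through it: the file's direct …/wp-content/uploads/ URL keeps working unless the web server denies it or the files are stored outside the web root.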

  • The topic ‘Use random URLs for attachment uploads’ is closed to new replies.