When my users purchase a 'theme', after purchase is done, I add the theme to the theme_purchases MySQL table.
Like this:
PurchaseID -- UserID -- Theme Id
1 -- 44 -- 4
There's a page named mythemes.php that will show all of the themes this user have purchased. The user will be able to download the theme by clicking the button "Download".
And I want to handle the downloads like in this answer:
https://stackoverflow.com/a/15951217/1761494
In my case (With the user & his own themes), do I need to use Tokens (According to the answer I posted above).
Are there any other solutions for having a download page, protecting the download link ? use can download his theme any time?
Thanks!
I'm not sure that i understand your question as well. But, if you want to protect the theme file by hiding their real folder, maybe this could be good way: If the file is a zip, you just write a download php file, give the theme id with GET method. In download file you can check that it has right to download it, if yes, you send a header and the file, maybe like this:
$filename = "thiszip.zip";
header('Content-type: application/zip');
header('Content-Disposition: attachment; filename="' . $filename . '"');
header("Content-length: " . filesize($filename));
readfile($filename);