---Project Brief---
I run a firmware download utility. This comprises a Windows application, a PHP-based website for non-Windows users and a PHP-based admin backend for management.
I was recently notified that users are using a feature in Edge that I was unaware of and are able to see the URL that my files are stored at, allowing them to bypass limitations on what files they can access by right-clicking the file whilst it is downloading and selecting “Copy URL”. The app hosts just over 3,000 files, with only around 800 supposed to be accessible to normal users; however, by altering the URL, they are able to gain access to the other files if they know the file name (all files follow a pattern, so guessing is easy).
The main concern is the web-based version. It consists of a 4-level selection box where users must select their drone's Brand, then Model, then desired Firmware Version and finally the Category. This takes them to a page which displays some details about the file, such as file size and release notes, and also contains two download buttons. The URL on the download buttons is ‘hidden’ by using a form: the submit URL of the form is the actual download link, and via the download page this is served to the user as a file, the idea being that the file URL is kept secret.
The page also integrates with Fingerprint Pro (a user analytics system) and allows the user to enter a user ID (this can also be supplied in the URL string) to see some semi-hidden files.
The ultimate goal is to protect these files!! The database system runs on MariaDB 10.1.
I would like a system to be developed that looks and feels exactly like the one I have now; users are familiar with this design and trust it. However, using whatever method fits the job, the URL must be masked and must not be susceptible to URL manipulation to serve additional files. I am open to creating new tables in the database to use session IDs or anything else that fits the job. I do NOT have root access to either server.
Code can be developed locally on your system, or remotely on the servers with FTP access. I am happy either way as long as I am able to validate the system works 100% as described before releasing payment.
As an important note, the files are on a physically separate server from the website server. This is done for cost reasons: the web host gives good servers with low disk space, while the file host gives less well-spec’d servers but with much more disk space. All development has to happen on the web host's servers.
I am happy with you reusing and tidying up my original code if this works, or a full rewrite (with code comments).
This is a very important system to me and my users, so it's vital that we get this right and that it works for all users.
---Task Goals---
- Maintain the current style and feel of the pages. Small visual alterations are fine.
- Maintain support for Fingerprint Pro (the code is implemented on the ddd_check.php page and stored in the database in download.php; I have documented this in comments as much as I can).
- Maintain support for the user entering a code on index.php, and for this same code to be passed in via the URL, e.g. “index.php?user_code=1e2fab1c-a371-4x48-974f-1844161f41t1” (this code is mature and can simply be re-used).
- Protect the source URL of the firmware files at all times.
- Protect against a user manipulating the URL to download additional files.
- Be HTTPS from start to finish (the domain has a wildcard SSL certificate applied via Cloudflare).
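One way to meet the two "Protect" goals above, shown here as an added illustration rather than code from this brief or its existing codebase: the download form carries an opaque, HMAC-signed, session-bound, expiring token instead of the real file URL, and a download.php on the web host verifies the token, re-checks authorisation against the database by numeric file id, and proxies the bytes from the separate file host, so the storage URL never reaches the browser and "Copy URL" only ever yields a short-lived token for a file the user was already allowed to fetch. Assumed names (not from the brief): a `files` table with columns id, storage_url, filename and restricted; a server-side constant FILE_TOKEN_KEY holding a long random secret; allow_url_fopen enabled for readfile on the remote URL.

```php
<?php
// Added example, not code from the brief or its codebase. Assumptions: session_start()
// has run, $db is a PDO connection to the MariaDB database, a `files` table exists with
// columns id, storage_url, filename, restricted (0/1), and FILE_TOKEN_KEY is a long
// random secret defined server side (e.g. in config.php), never sent to the browser.

// Called by the download page: the form carries this token instead of the real file URL.
function issueDownloadToken(int $fileId, int $ttlSeconds = 300): string {
    $payload = json_encode([
        'f' => $fileId,              // which file, by database id, never by name or URL
        's' => session_id(),         // bound to the issuing session
        'e' => time() + $ttlSeconds, // short lifetime, so a copied URL soon stops working
    ]);
    $b64 = rtrim(strtr(base64_encode($payload), '+/', '-_'), '=');
    // The MAC covers the whole payload: editing 'f' to another file id invalidates it.
    return $b64 . '.' . hash_hmac('sha256', $b64, FILE_TOKEN_KEY);
}

// Returns the file id if the token is intact, unexpired and belongs to this session.
function verifyDownloadToken(string $token): ?int {
    $parts = explode('.', $token, 2);
    if (count($parts) !== 2) return null;
    [$b64, $mac] = $parts;
    // hash_equals is constant time, so a forged MAC cannot be guessed byte by byte.
    if (!hash_equals(hash_hmac('sha256', $b64, FILE_TOKEN_KEY), $mac)) return null;
    $p = json_decode(base64_decode(strtr($b64, '-_', '+/')), true);
    if (!is_array($p) || $p['e'] < time() || !hash_equals($p['s'], session_id())) return null;
    return (int) $p['f'];
}

// download.php: the only URL the browser ever sees is this script plus a token.
function serveFile(PDO $db, string $token, bool $userHasCode): void {
    $fileId = verifyDownloadToken($token);
    if ($fileId === null) {
        http_response_code(403);
        exit('Invalid or expired download token');
    }
    // Authorisation is re-checked here: a token for a public file never unlocks a restricted one.
    $stmt = $db->prepare('SELECT storage_url, filename, restricted FROM files WHERE id = ?');
    $stmt->execute([$fileId]);
    $file = $stmt->fetch(PDO::FETCH_ASSOC);
    if (!$file || ((int) $file['restricted'] === 1 && !$userHasCode)) {
        http_response_code(403);
        exit('Not permitted');
    }
    header('Content-Type: application/octet-stream');
    header('Content-Disposition: attachment; filename="' . basename($file['filename']) . '"');
    // Proxy from the separate file host (URL stays server side); readfile on a URL needs allow_url_fopen.
    readfile($file['storage_url']);
}
```

The existing download page would call issueDownloadToken() for the selected file and place the result in a hidden form field posted to download.php; $userHasCode is whatever the existing user_code validation already decides.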
---Starting Point---
The current codebase will be provided as a starting point, including access to a mirror of the current live database as required for development; this will allow you to see how the current system works and, ultimately, its flaws.
The system is several years old at this point and could do with a little clean-up. I am not a PHP developer by trade, so my code is very much function over form, but the code works and is commented as much as possible.