Problem
When I offer a download to a user, I don't want them to be able to copy the URL and share it with others. To go even further: I would like to give out the download only once. If they access the URL a second time, I'd like to throw a 404.
Question
How can I prevent a user from accessing the download URL a second time and is this method full proof.
Additional information
I currently serve my file as follows:
header("Content-type: application/pdf");
// Set the name of the downloaded file here:
header("Content-Disposition: attachment;filename='example.pdf'");
// Get the contents of the original file:
echo file_get_contents('example.pdf');
I've also added a table to my mysql database
+----+------+-------+------+
| downloads |
+----+------+-------+------+
| id | file | token | flag |
+----+------+-------+------+