Let me first say, I'm not a coder. I made it through my CS111 class by a hair, and realized that graphic design was The Way To Go :rolleyes:
I haven't the slightest clue if this is the appropriate forum for what I'm asking about, I just made an uneducated guess :cool:

I run a website that provides access to files that are modifications for a computer game. Unfortunately, I have a number of users that are downloading the content and redistributing them without my permission, making my website, well, moot. I've been unsuccessful trying to isolate the specific users, and so I'm wondering if something along these lines would be possible:

I'd like to be able to tag or somehow ID files that are downloaded with the username of the downloader (contained in the .htaccess file). It would need to be undetectable by the downloader. There would also need to be a (preferably seperate) function that would allow me to read the IDs of tagged files, so that when I receive "shared" files from my site, I can determine which user downloaded and then shared them.

I haven't the slightest clue what language the game was coded in, although I can provide you a sample file if that is helpful at all. Again, I don't know if this is even a remote possibility.. so let me know if it is, or if this is all crazy talk.

I appreciate any responses :)

What type of files are these?

All I can think of is actually programming some sort of serial number right into the file itself. I assume the file is a binary or graphic file?

Then, maybe that serial number is part of the filename. When they download it, you get the serial number off the filename, rename the file, and give it to them ... saving their name along with the serial number in a database.

If the file ever shows up again, you have a way to view the serial number inside the file contents somehow. Only you know how to view the serial number.

This would involve having many of the same file, each with a different serial number.

... I don't know ... maybe that's too far fetched :o

I just don't know how you could append anything to a file without corrupting it. It depends on what the file really is I guess.

The file is a .package file, specific to the game--it contains bmp texture files that are made to wrap around 3d meshes.

Here is an example:
http://www.megaupload.com/?d=3673UA36

The filename already includes a serial number automatically assigned to it by the game when created--we can't change that, as it would cease to function. The easiest way (in my layman's mind) to track the downloader would be to assign each authenticated user a unique ID, and attach that ID to each file that they download.

I have a friend who's particularly familiar with the 'guts' of a package file and could probably figure out a way to ID the file--I just don't think he has the knowledge to translate that information into a format that would be useful as a server script. I'll drop him a line anyway, just to see what comes of it.

EDIT:
One last detail. The files are distributed in a compressed zip file (of necessity because of their size, and for the fact that often more than one file is included in the download). I don't know where that leaves me.

The filename already includes a serial number automatically assigned to it by the game when created--we can't change that, as it would cease to function.

Am I correct ... that means ALL of the files have the same serial number. The serial number was created when the file was compiled and you are posting the same file for everyone to download?

Actually, each file has its own unique serial number, generated by the game and used to recognize exactly what it is. There are about 1,200 of these files for download, and each user can download the same files--multiple times, if they like (although I don't see why they'd want to).

hmm..if the guts of the file does have commenting included you could always attempt to edit the file and add a comment with the serial number..

but this could end up in corruption, I"m unsure.

Another idea (which is cheap and eaisly changed) is to add a serial file to the zip archive.

So your script would, create the file with a unique serial, place that in the zip and record the user/serial to your database and then when you get the file back or whatever you could compare that file.

Problem with this of course is the fact that the file can be deleted, but you can enforce a policy that states something to the matter that if the seriel number does not exist or is not valid that you don't let them do whatever it is you don't want them to do.

You would just have to watch out for duplicates, etc.

But I'm unsure if that solves your problem as I wasn't entirly clear on the problem ^_^;

I thought about going down the road of appending bytes to the end of a binary file using Perl.

But ... not much info found.

I think you might be back at square one on this.

It wouldn't be much different than me downloading an MP3 file and
emailing copies to my friends. That could happen with your data files
and you wouldn't even see them posted anywhere.

I'm sort of feeling that it's just the nature of the beast ...

You, like a musician, puts out files to purchase and hope people pay
for them instead of stealing them. People want things for free.

Maybe you can watermark your graphics on all of your available files,
and people must pay to get a duplicate file without the watermark.
If you see files on the internet without the watermark, you would
threaten them or contact their ISP for removal.

I'm sorry to say it's a battle you may not win.

Thanks for looking into it for me :)
It's not so much a problem of people downloading my files and sharing them with their friends--it's them sharing the files publicly on another website or forum. We (other webmasters with the same problem) have gone through all of the other channels, such as contacting their ISPs, their webhosts, etc etc, without much luck. The only safe bet is to figure out who is doing it, and ban them from the the site.

Here's the problem: we know who is distributing their files on their site/forum--at least by the name they call themselves. we also know who our users are. we just need a way to connect the two, hence the thought of tagging the files and seeing what comes around by retrieving what is posted on the filesharing forums/websites that distribute our material.

Adding a serial file to the zip archive wouldn't be of much use, either, since downloaders usually only save the .package file and discard the rest of the zip. When preparing to share the file, they then rezip the appropriate package, and all additional information would be lost. I guess it's back to the drawing board.

Again, I appreciate the time you took to check this out for me :D Thanks for everything.

There's a new thread that seems to provide the answer you're looking for; it's a link to a "Download Monitor".

http://codingforums.com/showthread.php?p=335387#post335387
http://www.focalmedia.net/dlm.html