There are several ways to do this and the there was a debate about it a while back on this or sitepoints forum as to whether or not it actually works.
I personally think that this method does work as long as you take the correct steps to protect the file download.
Firstly you need to be on a server which lets you use set_time_limit() because you really need your php script to be outputting the file stream in a loop.
Second you need to store the files outside of your public_html so that people cannot directly access them any other way other than use your script. That way your script is the only way to access the files.
Thirdly you need to make use of register_shutdown_function() to determine if the file download was finished or not. If not you keep your download details active in the database. If it was completed then you just adjust those details so that the script knows not to offer it for download again.
It's not really an easy one to show you in code but if you look at ways of doing what I've said above and break it down you should be able to come up with your own code.
My helpful sig has gone because a mod below the administrator gave me an infraction - despite the administrator personally agreeing to it.
If you need any php tips or tricks you can PM me.