What is the dluid marker?
The 'dluid' marker is generated every time a page gets loaded in which said page displays files that are available for download. This is generated simply by Str::random('uuid') but really can be generated using any random string generation method.
The marker is then stored in a session, and is also appended to the URI of the download link and is also added to a session identifier ('dluid').
The code in the download handler checks to make sure the dluid stored in the session identifier matches the dluid passed in the URI. If they match, then we continue with the other checks. If they don't, then we throw a 404 error.
Proper download counts:
Implementing proper download counts has been a challenge of mine for a while, and a little clever sorcery got this working. This particular bit of code is heavily commented for easy comprehension.
GitHub gist here: https://gist.github.com/anonymous/11360646
This code cannot be used as-is, but feel free to steal as much from it as you want if it helps you at all.
It looks like you're new here. If you want to get involved, click one of these buttons!