locking pdf with php

[aarrgghh]

Hello all,

I have created a web site that creates pdf's with a users information contained within it using php. The problem I am having is that after the pdf is created, the user can edit his or her information. This defeats the whole purpose of why I wanted to create pdf's. Any ideas about how to lock the user out of the pdf?

Thanks in advance.

 

[sleipnir214]

Are you using the pdf_* family of functions or the cpd_* family of functions?

If it's the former, you should be able to do something like:

pdf_set_parameter($pdf, 'permissions', 'nomodify');


(See

http://www.php.net/manual/en/function.pdf-set-parameter.php

for more information.)

According to the PDFLib manual, the values which can accompany a key of "permissions" are:

[tt]noprint Acrobat will prevent printing the file.
nomodify Acrobat will prevent users from adding form fields or making any other changes.
nocopy Acrobat will prevent copying and extracting text or graphics, and will disable the accessibility interface
noannots Acrobat will prevent adding or changing comments or form fields.
noforms Acrobat will prevent form field filling, even if noannots hasn’t been specified.
noaccessible Acrobat will prevent extracting text or graphics for accessibility purposes (such as a screenreader program)
noassemble Acrobat will prevent inserting, deleting, or rotating pages and creating bookmarks and thumbnails, even if nomodify hasn’t been specified.
nohiresprint Acrobat will prevent high-resolution printing. If noprint hasn’t been specified printing is restricted to the »print as image« feature which prints a low-resolution rendition of the page.[/tt]

Keep in mind, however, that even setting 'nomodify' doesn't mean that the document cannot be edited. This quote from the PDBLib manual is actually a quote from the Adobe PDF manual: There is nothing inherent in PDF encryption that enforces the document permissions specified in the encryption dictionary. It is up to the implementors of PDF viewers to respect the intent of the document creator by restricting user access to an encrypted PDF file according to the permissions contained in the file.

Want the best answers? Ask the best questions:

http://www.catb.org/~esr/faqs/smart-questions.html

TANSTAAFL!!

 

[jimoblak]

Beware that these permissions/restrictions can be stripped away just as easily by someone who knows what they are doing. Not even PDFs created from Adobe Acrobat 6 are totally secure as I sadly learned this week.

- - picklefish - -

Why is everyone in this forum responding to me as picklefish?

 

[sleipnir214]

"sadly learned this week" ?

Want the best answers? Ask the best questions:

http://www.catb.org/~esr/faqs/smart-questions.html

TANSTAAFL!!

 

[aarrgghh]

below is the code that I am using. Maybe I am confused, but I don't think I am using either of the family of functions mentioned above. I am using FDF. Any ideas? Thanks again for you input/help.

<?php

//path to pdf file
$url= &quot;http:

http://www.linktext/pdf_cert/cert.pdf&quot;;

extract( $_POST );
$date = &quot;Presented on &quot;;
$date .= date( &quot;F d, Y&quot; );
$date .= &quot; to:&quot;;

$fdfdata = &quot;%FDF-1.2\n%‚„œ”\n&quot;;
$fdfdata .= &quot;1 0 obj \n<< /FDF &quot;;
$fdfdata .= &quot;<< /Fields [\n&quot;;

//add the field names and values

$fdfdata.=&quot;<< /V ($name)/T (certName) >> &quot;;
$fdfdata.=&quot;<< /V ($cert)/T (userCert) >> &quot;;
$fdfdata.=&quot;<< /V ($date)/T (date) >> &quot;;

$fdfdata .= &quot;]\n&quot;;
$fdfdata .= &quot;/F ($url) >>&quot;;
$fdfdata .= &quot;>>\nendobj\ntrailer\n<<\n/Root 1 0 R\n>>\n&quot;;
$fdfdata .= &quot;%%EOF&quot;;

/*** Now we display the FDF data which causes Acrobat to start ***/

header (&quot;Content-Type: application/vnd.fdf&quot;
print $fdfdata;

?>

 

[sleipnir214]

It looks to me like you're producing FDFs, not PDFs, and that you aren't using any of PHP's fdf_* family of functions to do it.

This is not a PHP question, but a question about Adobes file formats.

Want the best answers? Ask the best questions:

http://www.catb.org/~esr/faqs/smart-questions.html

TANSTAAFL!!

 

[jimoblak]

sadly

...as in one who produces PDFs regularly (like me) has no real means to secure the content from tampering or duplication.

this week

...as in I never really cared about PDF security until a particular job asked for it this week.



- - picklefish - -

Why is everyone in this forum responding to me as picklefish?