oh, and I forgot to add, if you don't want the user to be able to spread the link, then have the script as say:

http://www.site.com/cgi/bin/get.cgi?file=7&id=someencrypted_string
[download]

where someencrypted_string is, say, the user's ip encrypted in des or something. or if you want to get really technical, say so they only have a certain amount of time to dl the file themselves, you could encrypt the date into it as well as the ip.  >:-]

______________________________________________
When I get a little money, I buy books. If I have any left over, I buy food and clothes.
-Erasmus