Im just wondering becouse i have it set to permisions for certian users but in my control panel i still see some guest in the download.php area and not sure how they would get to this link if there a guest and dont have that area permission?
Also how secure is the download php in hiding actual link location?