I checked similar posts and here's the problem: a portion of my codes :
if($_GET['dl']) {
$file=$_GET['dl'];
$file="../../rep/".$file;
header('Content-Type: application/octet-stream');
header("Content-Transfer-Encoding: Binary");
header("Content-disposition: attachment; filename=\"" . basename($file) . "\"");
readfile($file);
exit;}
This code runs when user submit form and redirects on current PHP file. The result opens in browser rather than download. I checked a lot of other headers or modifications with no clue.
So I made a separated PHP file : download.php and paste the above code exactly on it. then redirect user to this new file And Problem solved! (File downloads without any problem)
So my question is what's the problem exactly?
Thanks from comments, the reason founded!
I had started the PHP tag <?php from second line in the file like this:
...
php tag start here <?php
Perhaps first line considered as an output.removed first line and now download starts properly ;)
Related
I'm developing a web application.
A user can download a specific zip file using readfile() if the zip has been correctly generated.
But since I've integrated the readfile() line, I can't echo anything before or after this line. Here is the code sample causing problem :
if($zip->status == 0){
$zip->close();
$file_url = './zip/'.$userDir.'.zip';
header('Content-Type: application/octet-stream');
header("Content-Transfer-Encoding: Binary");
header("Content-disposition: attachment; filename=\"" . basename($file_url) . "\"");
readfile($file_url);
echo'
<div class="alert alert-primary" role="alert">
Success
</div>';
}
Everything in the condition is called except for the echo lines at the end. When I remove the readfile($file_url) line, the echo is called.
I also tried to move the echo lines before the line
$file_url = './zip/'.$userDir.'.zip';
And it doesn't work either. Am I missing something ?
If you echo after "sending the file" to the user you are going to corrupt the file.
You have to think as the php code as a download link, the user clicks on it and get a file. Also sending an echo is not going to the user screen since you have this headers
header('Content-Type: application/octet-stream');
header("Content-Transfer-Encoding: Binary");
I had a similar problem. In my case, a submitted form is generating a pdf file but since automatic download is initiated with readfile() on the action page, HTML of the latter wouldn't load, the browser keeps the form page open - that's where I added an overlay div which becomes visible only after clicking submit, blocking all content except a simple button which takes to the same action page but with the help of GET information, readfile() code isn't running again. Sure a button has to be clicked but it can be a good thing, some sort of download acknowledgement.
It feels, however, a bit odd, loading the same page twice.
I am using the following code in a php document to force download of a pdf form since the submission works only after you have it on your local machine rather online.
It downloads the file ok but it corrupts it.
I can no longer open the pdf document.
<?php
$file_name = 'costumer.pdf';
$file_url = 'http://www.lopezi.com/forms/' . $file_name;
header('Content-Type: application/pdf');
header("Content-Transfer-Encoding: Binary");
header("Content-disposition: attachment; filename=\"".$file_name."\"");
readfile($file_url);
?>
The Content-Transfer-Encoding header shouldn't be needed in this case. Further I suspect that you have corruption in the outputted file.
Download it somewhere, open notepad, and drag the file in there. If any PHP warnings or errors were generated you will see them at the top.
Also, try to avoid the option of having more content return from the script, causing problems with the download, end with something like:
die(file_get_contents($file_url));
This way you cannot accidentally break the code easily by adding more output.
I have a problem with invalid signing certificates on files downloaded using Firefox. IE, Opera, Safari and Chrome are all fine. If the file is downloaded directly by clicking a link in FF it's also ok but if the file is downloaded using PHP for security it is 1 byte larger, having a x0A tacked on the end and I think this is causing it to fail the validation check. The PHP is very simple:
<?php
$file = "../downloads/".$_GET['link'];
$size = filesize($file);
$type = filetype($file);
header('Content-Type: application/octet-stream');
header("Content-Transfer-Encoding: Binary");
header( "Content-Disposition: attachment; filename=".basename($file));
header("Content-Length: ".$size);
header("Content-Type: ".$type);
readfile($file);
?>
Does anyone have any idea why Firefox alone should be having problems with getting the size right here? Grateful for any ideas.
Check if file exists and is placed in allowed location - now attacker is able to download nearly every file on your webserver
Don't use closing phptag - ?>, every whitespace after it will be send to the browser
Use exit; just after readfile to make sure no other function that produces output is called.
check on the Content-Type header, you set it twice so the latter one will be used, it could be something like "Content-Type: file" due to function filetype(), the browser can't understand "file" content type and take it as a text file. I guess that's the cause of the extra 0x0a.
Comment "header("Content-Type: ".$type);" and it will work fine.
replace below line
<?php
header("Content-Length: ".strlen($file));
?>
good luck :)
I'm currently building a script that will allow a user to download a file via a URL without actually seeing the filename or where the file is stored. So far I have everything built out, but I need to know how I would go about calling the file to open and download. I currently have a working version (code below), but for some reason the PHP is corrupting the download. Everytime I try to open a file that downloads to my desktop I get a corrupt error message. When I open the same file on the server itself, the file works just fine.
URL Structure:
http://www.example.com/download/file/cjVQv0ng0zr2
Code that initiates the download
$fullpath = BASE_PATH . '../uploads/brochures/' . $vendors['0']['filename'];
header("Content-type: application/pdf");
header('Content-disposition: attachment; filename="' . $fullpath . '"');
Am I doing something wrong that would cause the file to become corrupt? Am I missing a header or two?
Thanks in advance,
Jake
You need to call the following line after sending the header.
readfile($fullpath);
and also adjust in the header like this:
header('Content-disposition: attachment; filename="' . basename($fullpath) . '"');
One thing i am not sure about is the $fullpath .. try to see if the $fullpath you have is correct and you can actually reach the file, this needs to be the full physical path of the file.
I think it would also be a good idea to add the following header as well:
header("Content-Transfer-Encoding: binary");
I had a similar issue a while back. Make sure you don't have any extra whitespace in your script file, either before the "<?php" tag or after the "?>" tag. In my case the last character of my script was "\n" instead of the expected ">".
I had faced the same problem sometime back, following worked for me; put a
while( #ob_end_clean() );
just before header functions:
header("Content-Type: ". $row['p_mime']);
header("Content-Length: ". $row['p_size']);
header("Content-Disposition: inline; filename=".$row["p_name"]);
Content-disposition: attachment/inline has to be set according to cases (1. prompt for download / 2. open in browser)
NOTE: Take care that you are not echoing and value before the header function, and being over cautious will not do any harm, silent out all the function before header function which you think would fail or spawn a warning message prefixing "#" symbol to those lines of php code.
all the best :)
Make sure you exit...
(i'm using a blob)
header("Content-Type: " . $response['content_type'] );
header("Cache-Control: maxage=1");
header("Pragma: public"); //fixes ie bug
echo trim($_data);
exit();
I have a script that lets the user download files (stored in a blob field after doing a bin2hex() )
function hex2bin($h){ ... }
// code to get $filecontent,$filesize,$uploadname from database
header('Content-Description: File Transfer');
header('Content-Type: application/octet-stream');
header("Content-Length: $filesize");
header('Content-Disposition: attachment; filename="'.$uploadname.'"');
echo hex2bin($filecontent);
everything is working fine, except the browser is taking 3 to 4 seconds after
downloading the file to finally terminate the http session.
Any clue whats causing that.
thanks.
Pari
Turns out there was an ob_start("ob_gzhandler")
in one of the include files. Removing it solved the issue.
thanks everyone.
Pari
Probably the "code to get $filecontent,$filesize,$uploadname from database" is the problem. Show it