I would like to download files from a repository, I have the code below, the file is found, but nothing happens...
I have no error.
I used test values for the moment, but I will use GET later.
The target is to donwload the file directly :
$dossier = "../private/cartes_identites/test/";
$filename = "test.png";
$file = $dossier.$filename;
//First, see if the file exists
if (!is_file($file)) { die("<b>404 File not found!</b>"); }
else echo "file exists";
$ext = strrchr( $filename, "." );
switch( $ext ) {
case ".zip": $type = "application/zip"; break;
case ".txt": $type = "text/plain"; break;
case ".pdf": $type = "application/pdf"; break;
case('gif') : $type = "image/gif";break;
case('pnggif') : $type = "image/png";break;
case('jpg') : $type = "image/jpeg";break;
default: $type = "application/octet-stream"; break;
}
echo $ext;
// Constitution de l'header suivant le type
header("Content-Description: File Transfer");
header("Content-Type: $type\n");
header("Content-Transfer-Encoding: binary");
header("Content-disposition: attachment; filename=$filename");
header("Content-Length: ".filesize( $dossier.$filename ) );
// Lecture et Affichage
file_get_contents( $dossier.$filename );
?>
Currently you're just reading the file's content through file_get_contents, but you're never delivering the content to the client.
Either echo the file's content to the user like this
// ...
header("Content-Length: ".filesize( $dossier.$filename ) );
// Lecture et Affichage
echo file_get_contents( $dossier.$filename );
?>
or you can also use the readfile function instead of the file_get_contents like this:
// ...
header("Content-Length: ".filesize( $dossier.$filename ) );
// Lecture et Affichage
readfile( $dossier.$filename );
?>
Also, you should get rid of the echo $ext; and only echo the file content, otherwise it might look like the file's corrupt.
Related
I want to download my zip file by a variable ($direccion) that I want to assign to it and when I try to do it, it comes out that the file is corrupted.
$file_name = basename('C:/xampp/htdocs/issv/upload/26908557.zip');
header("Content-Type: application/Zip");
header("Content-Disposition: attachment; filename=26908557.zip");
header("Content-Length: " . filesize('C:/xampp/htdocs/issv/upload/26908557.zip'));
readfile('C:/xampp/htdocs/issv/upload/26908557.zip');
exit;
that's my code and it only works that way, but I want to put the $direccion path to it
$direccion='c:/xampp/htdocs/issv/upload/'.trim($cedula);
this is what my variable $cédula means $cedula=$_POST['cedula'];
There many ways of zip file creation which are;
$zip_file = '(path)/filename.zip';$dir = plugin_dir_path( __FILE__ );
$zip_file = $dir . '/filename.zip';$zip = new ZipArchive();
if ( $zip->open($zip_file, ZipArchive::CREATE) !== TRUE) {
exit("message");
} $zip->addFile('full_path_of_the_file', 'custom_file_name); $download_file = file_get_contents( $file_url );
$zip->addFromString(basename($file_url),$download_file); $zip->close();
Or simply do this:
$url = "http://anysite.com/file.zip";$zip_file = "folder/downloadfile.zip";$zip_resource = fopen($zipFile, "w");$ch_start = curl_init();curl_setopt($ch_start, CURLOPT_URL, $url);curl_setopt($ch_start,CURLOPT_FAILONERROR, true);curl_setopt($ch_start,CURLOPT_HEADER, 0);curl_setopt($ch_start,CURLOPT_FOLLOWLOCATION, true);curl_setopt($ch_start,CURLOPT_AUTOREFERER, true);curl_setopt($ch_start,CURLOPT_BINARYTRANSFER,true);curl_setopt($ch_start,CURLOPT_TIMEOUT, 10);curl_setopt($ch_start,CURLOPT_SSL_VERIFYHOST, 0);curl_setopt($ch_start,CURLOPT_SSL_VERIFYPEER, 0);curl_setopt($ch_start,CURLOPT_FILE,$zip_resource);$page =curl_exec($ch_start);if(!$page){echo "Error :- ".curl_error($ch_start);}curl_close($ch_start);$zip = new ZipArchive;$extractPath = "Download File Path";if($zip->open($zipFile) != "true"){echo "Error :- Unable to open the Zip File";}$zip->extractTo($extractPath);$zip->close();
class FileNotFound extends RuntimeException {}
$downloadUploadedZip = function(string $filename): void {
$directory = 'C:/xampp/htdocs/issv/upload';
if (dirname($filename) !== '.') {
$directory = dirname($filename);
}
$filename = basename($filename);
$filepath = sprintf('%s/%s', $directory, $filename);
if (file_exists($filepath)) {
header("Content-Type: application/zip");
header(sprintf("Content-Disposition: attachment; filename=%s", $filename));
header(sprintf("Content-Length: %d", filesize($filepath)));
readfile($filepath);
exit;
}
throw new FileNotFound(sprintf('File %s not found.', $filepath));
};
$downloadUploadedZip('26908557.zip');
$downloadUploadedZip('C:/xampp/htdocs/issv/upload/26908557.zip');
<?php
if(isset($_POST['sportname'])){
include("connect.php");
$name = $_POST['sportname'];
$sql = "Select docs From tbl_sport WHERE sprt_name= '".$name."'";
$result = mysql_query($sql);
$row=mysql_fetch_object($result);
$file = $row->docs;
ini_set("allow-url-fopen", true);
// Fetch the file info.
$filePath = 'http://prisaa-region11.com/Docs/'.$file;
if(file_exists($filePath)) {
$fileName = basename($filePath);
$fileSize = filesize($filePath);
// Output headers.
header("Cache-Control: private");
header("Content-Type: application/stream");
header("Content-Length: ".$fileSize);
header("Content-Disposition: attachment; filename=".$fileDisplayName);
// Output file.
readfile ($filePath);
exit();
}
else {
die('The provided file path is not valid.');
}
}
?>
i dont know whats wrong with the path
You might want to try Filter Validator
if (filter_var($url, FILTER_VALIDATE_URL) === FALSE) {
die('Not a valid URL');
}
Check this similar thread
Best way to check if a URL is valid
i start my downloads with a php script, it's very simple and looks like this:
$dir = 'downloads/';
$type = 'application/x-rar-compressed, application/octet-stream, application/zip';
function makeDownload($file, $dir, $type)
{
header("Content-Type: $type");
header("Content-Disposition: attachment; filename=\"$file\"");
readfile($dir.$file);
}
if(!empty($_GET['file']) && !preg_match('=/=', $_GET['file'])) {
if(file_exists ($dir.$_GET['file'])) {
makeDownload($_GET['file'], $dir, $type);
}
}
It works fine on win7 + ff/opera/chrome/safari, but on MAC it tries to download file.rar.html or file.zip.html instead of file.rar/file.zip.
Any ideas why?
Thanks in advance
"application/x-rar-compressed, application/octet-stream, application/zip" is not a valid file type. You need to add logic in your script to detect the type of file, then offer a specific file type. Example (untested):
<?php
$dir = 'downloads/';
function makeDownload($file, $dir)
{
switch(strtolower(end(explode(".", $file)))) {
case "zip": $type = "application/zip"; break;
case "rar": $type = "application/x-rar-compressed"; break;
default: $type = "application/octet-stream";
}
header("Content-Type: $type");
header("Content-Disposition: attachment; filename=\"$file\"");
readfile($dir.$file);
exit; // you should exit here to prevent the file from becoming corrupted if anything else gets echo'd after this function was called.
}
if(!empty($_GET['file']) && !preg_match('=/=', $_GET['file'])) {
if(file_exists ($dir.$_GET['file'])) {
makeDownload($_GET['file'], $dir);
}
}
?>
I have this download script which works perfectly, but one the file is downloaded, I want the page to reload. But once the file is downloaded, the page just dies? It is supposed to be a secure download script so users can't see the paths of files. It's called by using a POST submission
<?php
session_start();
//Assign variables from session
$userid = $_SESSION["id"];
$email = $_SESSION['email'];
$password = $_SESSION['password'];
//Require database connection and functions
require('includes/config.php');
include('includes/functions.php');
//Check if user is logged in
if (!$userid || !$email || !$password)
{
header("Location: index.php");
}
// Usage: Download
// Path to downloadable files (will not be revealed to users so they will never know your file's real address)
$hiddenPath = "uploaded_notes/";
// VARIABLES
if (!empty($_POST['file'])){
$file_id = $_POST['file'];
$result = mysql_query("SELECT * FROM files WHERE id='$file_id'");
$row = mysql_fetch_array($result);
$file = $row['location'];
$price = $row['price'];
$result2 = mysql_query("SELECT coins FROM users WHERE id='$userid'");
$row2 = mysql_fetch_array($result2);
$coins = $row2['coins'];
$new_coins = $coins-$price;
if ($new_coins >= 0)
{
mysql_query("UPDATE users SET coins = $new_coins WHERE id='$id'");
}
else {
header("Location: dashboard.php");
die();
}
//Insert into purchases
$datetime = date("Y-m-d H:i:s");#
mysql_query("INSERT INTO purchases (userid, fileid, datetime) VALUES ('$userid', '$file_id', '$datetime')");
$file = str_replace('%20', ' ', $file);
$category = (!empty($_GET['category'])) ? $_GET['category'] . '/' : '';
} else {
header('Location: dashboard.php');
die('Hacking attempt reported.');
}
$file_real = $hiddenPath . $category . $file;
$ip = $_SERVER['REMOTE_ADDR'];
// If requested file exists
if (file_exists($file_real)){
// Get extension of requested file
$extension = strtolower(substr(strrchr($file, "."), 1));
// Determine correct MIME type
switch($extension){
case "asf": $type = "video/x-ms-asf"; break;
case "avi": $type = "video/x-msvideo"; break;
case "exe": $type = "application/octet-stream"; break;
case "mov": $type = "video/quicktime"; break;
case "mp3": $type = "audio/mpeg"; break;
case "mpg": $type = "video/mpeg"; break;
case "mpeg": $type = "video/mpeg"; break;
case "rar": $type = "encoding/x-compress"; break;
case "txt": $type = "text/plain"; break;
case "wav": $type = "audio/wav"; break;
case "wma": $type = "audio/x-ms-wma"; break;
case "wmv": $type = "video/x-ms-wmv"; break;
case "zip": $type = "application/x-zip-compressed"; break;
case "jpg": $type = "image/jpeg"; break;
default: $type = "application/force-download"; break;
}
// Fix IE bug [0]
$header_file = (strstr($_SERVER['HTTP_USER_AGENT'], 'MSIE')) ? preg_replace('/\./', '%2e', $file, substr_count($file, '.') - 1) : $file;
// Prepare headers
header("Pragma: public");
header("Expires: 0");
header("Cache-Control: must-revalidate, post-check=0, pre-check=0");
header("Cache-Control: public", false);
header("Content-Description: File Transfer");
header("Content-Type: " . $type);
header("Accept-Ranges: bytes");
header("Content-Disposition: attachment; filename=\"" . $header_file . "\";");
header("Content-Transfer-Encoding: binary");
header("Content-Length: " . filesize($file_real));
// Send file for download
if ($stream = fopen($file_real, 'rb')){
while(!feof($stream) && connection_status() == 0){
//reset time limit for big files
print(fread($stream,1024*8));
flush();
}
fclose($stream);
}
}else{
// Requested file does not exist (File not found)
echo("Requested file does not exist");
die();
}
?>
The refresh code works if I put it right before
print(fread($stream,1024*8));
But after that it does not work...
Downloading a file is a one time thing. You won't be able to redirect after the file is downloaded. You can try adding a refresh header before pumping out your contents, but some browsers will see that as a cancellation.
See this post for more information: https://stackoverflow.com/questions/5960895/redirect-after-download-not-working-php
You can read this post, this post, and this post for more information.
Basically, what they all boil down to is the HTTP headers. A redirect header cannot be sent after you have echoed content. On the other hand, a redirect header before echoing content will just cancel the download.
A different way you could do this would be to have a hidden iframe, and submit your request there, but I am guessing that isn't what you are wanting.
I am using wordpress for my website and there are some wallpapers in my folder which i provide for download . But i dont want users to know the exact file location of folder . As there is a subscription for the download.
suppose my file is stored in
http://www.example.com/wp-content/example.folder/awesome.png
Now how to hide the folder name example.folder and use any fake name, That dosent shows up while downloading . Really need a big help on this. can anyone suggest me a good method. I tried some wordpress plugins , but no help on this.
Example With PDF doc
$nameOld = "/public_html/wp-content/example.folder/oldnme.pdf";
$nameNew = "newName.pdf" ;
header("Content-Transfer-Encoding: binary");
header('Content-type: application/pdf');
header("Content-disposition: attachment; filename=$nameNew"); //
readfile($nameOld);
Edit
Prove of Concept for your image system using download.php?img=flower without the extension and flower show be the image name
$directory = "/public_html/wp-content/example.folder/";
$types = array("jpg","gif","png");
$ext = null;
if (! isset($_GET['img'])) {
die("Invalid URL");
}
$nameOld = filter_var($_GET['img'], FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_HIGH | FILTER_FLAG_STRIP_LOW);
$nameNew = uniqid(basename($nameOld));
// File the file
foreach ( $types as $type ) {
if (is_file($nameOld . "." . $type)) {
$ext = $type;
break;
}
}
if ($ext == null) {
die("Sorry Image Not Found");
}
$nameOld .= "." . $ext;
$type = image_type_to_mime_type(exif_imagetype($nameOld));
header("Content-Transfer-Encoding: binary");
header('Content-type: ' . $type);
header("Content-disposition: attachment; filename=$nameNew"); //
readfile($nameOld);