I am trying to download files from server that I uploaded via html form.
If I try to download files that I had uploaded everything works good but if I try to download other people's files they are broken (0 kb size).
The download link is generated by a page for every user:
$_SESSION['u'] = $username;
echo ''.$entry.'';
If I echo($_SESSION['u']) I have the right username referred to user which I want to get the files.
And download.php is:
session_start();
$u = $_SESSION['u'];
$file = basename($_GET['file']);
$percorso = '/home/fosco/documents/'.$u.'/'.$file;
if(!$file){ // file does not exist
die('file not found');
} else {
header('Content-Description: File Transfer');
header('Content-Type: application/octet-stream');
header('Content-Disposition: attachment; filename="'.basename($percorso).'"');
header('Expires: 0');
header('Cache-Control: must-revalidate');
header('Pragma: public');
header('Content-Length: ' . filesize($percorso));
readfile($percorso);
exit;
}
Where is the mistake?
I don't understand why I am able to download certain file and not other.
I also tried changing permissions to 777 but nothing changed.
Moveing files to public_html, if I go to the public url the files are not broken but anyway I am not able to download it trought download.php
If I download the broken file from ftp it is ok, not broken.
Thanks for the help.
Fosco
I'm guessing that the file you request does not actually exists.
Your if-statement only checks if the variable $file is not false/empty/zero.
For checking if a file exists use the function file_exists()
Related
So, I need a little help here. I have a site which hosts some mp3s. When users click on the download url, it links directly to a file called downloadmp3.php, which goes 2 parameters in the url...the php file is included below, and it's basically supposed to FORCE the user to save the mp3. (not play it in the browser or anything).
That doesnt happen. Instead, it seems like the file is WRITTEN out in ascii to the browser. It seems like it's the actual mp3 file written out.
Here is my downloadmp3.php file...please, what's wrong in this code.
It works on my local LAMP (Bitnami Wampstack on windows)....that is, on my local testing environment, it sends the file to my broswer, and I can save it. When I upload it to the real server, it basically writes out the mp3 file.
Here is the culprit file, downloadmp3.php...please help
<?php
include 'ngp.php';
$file = $_GET['songurl'];
$songid = $_GET['songid'];
increasedownloadcount($songid);
if (file_exists($file)) {
header('Content-Description: File Transfer');
header('Content-Type: audio/mpeg');
header('Content-Disposition: attachment; filename=' . basename($file));
header('Content-Transfer-Encoding: binary');
header('Expires: 0');
header('Pragma: public');
header('Content-Length: ' . filesize($file));
header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
ob_clean();
flush();
readfile($file);
exit;
}
?>
By the way, this site only hosts mp3s - no other audio or file format. So, this downloadmp3.php script should ideally ask the user where they want to save this file.
Thanks for your help in advance.
I think the filename should be in quotes:
header('Content-Disposition: attachment; filename="' . basename($file) . '"');
Change the content-type value to text/plain. With this browser wont recognize it and wont play the file. Instead it will download the file at clients machine.
Seems there is too many headers. I am sure they do SOMETHING... but this code works.
This code works with MP3 files.... downloads to a file. Plays without a problem.
if(isset($_GET['file'])){
$file = $_GET['file'];
header('Content-type: audio/mpeg');
header('Content-Disposition: attachment; filename=".$file.'"');
readfile('path/to/your/'.$file);
exit();
}
You can access it with ajax call, or this:
<a id="dl_link" href="download.php?file=<>file-you-wish-to-download<>" target="_blank">Download this file</a>
Hopefully this is of some use
I'm currently using localhost to run my pages and currently I am trying to download the files my users have uploaded and stored in a folder called uploaded_files
this is the code for my download page which isn't working and I'm not quite sure what's wrong.
<?php
$file = $_GET['file'];
if (file_exists($file)) {
header('Content-Description: File Transfer');
header('Content-Type: application/force-download');
header("Content-Disposition: attachment; filename=\"" . basename($file) . "\";");
header('Content-Transfer-Encoding: binary');
header('Expires: 0');
header('Cache-Control: must-revalidate');
header('Pragma: public');
header('Content-Length: ' . filesize($name));
ob_clean();
flush();
readfile("C:\xampp\htdocs\FYPproject\uploaded_files/".$file); //showing the path to the server where the file is to be download
exit;
} else {
echo "Download failed";
echo $file;
}
?>
file_exists() need to receive the path of the file, if the file name is "test" and it's in "uploaded_files/" so you need to check file_exists("uploaded_files/test"). You don't need to pass the whole path if your php is already in "FYPproject" folder. It's the same for downloading files, you don't need to pass the whole path for readfile().
You are passing a file path with backward slashes and forward slashes to readfile. Even if this is not the cause of your problem you should change it. Change it to this:
readfile("C:\xampp\htdocs\FYPproject\uploaded_files\".$file);
Not all browsers support application/force-download so in this case try replacing the above code with application/octet-stream and see if it works
I have a php file to handle file downloads in a website. It is working as it should.
if($_GET['type'] == "pdf") {
$dir = __DIR__ . "/../src/files/pdf/" . $_GET['name'];
if(file_exists($dir)) {
header('Content-Description: File Transfer');
header('Content-Type: application/pdf');
header('Content-Disposition: attachment; filename='.basename($dir));
header('Expires: 0');
header('Cache-Control: must-revalidate');
header('Pragma: public');
header('Content-Length: ' . filesize($dir));
readfile($dir);
exit;
} else {
$_SESSION['err'] = "No file found";
header("location: index.php");
exit;
}
}
Now I want to count the times that a file is being downloaded. So I have a method inside a class in a different php file. I usually include this php file and create an instance of this class when I need to use some of its methods. The problem is that if I include the file in my file-handler.php the header will be different and the file would be corrupted when downloaded.
So, how can I use the method of this file in the file-handler without affecting the header?
If you include your counting file before at the top of file-hander.php file before you output your download headers then the download headers will replace whatever headers were output before.
Additionally. your counting file must not output any content at all as the client is expecting the file you are downloading and nothing else.
I agree 100% with #rjdown, your code creates a massive potential security issue. I would not put it on a server connected to an untrusted network (Like The Internet). If you would appreciate help making it secure then please ask that question.
I'm trying to redirect my user after they download my files. I manage to make them download the file but I cant redirect them to the url. Pleas help
<?php
//Search for file using GET
if(isset ($_GET['file']) && ($_GET['url'])){
$file = $_GET['file'];
$link = $_GET['url'];
if (file_exists($file)) {
header('Content-Description: File Transfer');
header('Content-Type: application/octet-stream');
header('Content-Disposition: attachment; filename="'.basename($file).'"');
header('Expires: 0');
header('Cache-Control: must-revalidate');
header('Pragma: public');
header('Content-Length: ' . filesize($file));
readfile($file);
exit;
} else {
echo "Why are you here?";
}
//file downloaded now go to link
header('Location: $link');
}
?>
How do I fix this?
No, it's not possible what you do and want.
your redirect will be executed if the GET parameters file and url exist and the physic file not exists.
if GET parameters file and url exist and the physic file exists, you exit after the download (script stops with further execution).
Why not a redirect from html code to your download script. Many downloads site work with.
As pseudo, redirect.html:
html
head
redirect to your forced download file FOO after X seconds with e.g. meta tag
/head
body
Download of file FOO starts in X seconds
/body
/html
In the case above you don't need the php redirect, only the force download. Set the redirect script not in the same file as your download script!
remove exit; from true part and try to put this instead
header('Location: $link');
You got the wrong quotes:
header("Location: $link"); // note the "
Or do concatenation:
header('Location: '.$link);
By the way, the way you're doing what you want to do is basically a good way to let anyone with HTTP 80 access to this script to download any file on your server. What if $file = '/etc/passwd';?
I have created a movie which I have saved as an MP4 file and uploaded to my server. The file is 4.6 GB. When I have tried to send a link to my family, the video tries to play in their browser.
What I want to do is have them click a link and the file downloads to their computer instead. I have searched endlessly for solutions, but they all keep failing, probably due to the size of the file.
Is anyone able to help with a PHP script that will allow the downloading of such a large file?
Thanks
The easiest solution is to press Ctrl+S, select File>Save or do right click + Save as in the browser when the file starts to load - this will open the Save File dialog.
In case you want to return this file from PHP, you can do that with following script:
<?php
$file = 'video.mp4';
if (file_exists($file)) {
header('Content-Type: application/octet-stream');
header('Content-Disposition: attachment; filename='.basename($file));
header('Expires: 0');
header('Cache-Control: must-revalidate');
header('Pragma: public');
header('Content-Length: ' . filesize($file));
readfile($file);
exit;
}