How to remove the tmp- from my download name - php

So when a user downloads a file I currently have it pull the song name through something that looks like this.
$songs = file_get_contents('https://api.soundcloud.com/tracks/'.$id.'/stream?client_id='.$myID.'');
$filename = './tmp/' . stripslashes(htmlspecialchars($songTitle)) . '.mp3';
$filenames = '/tmp/' . stripslashes(htmlspecialchars($songTitle)) . '.mp3';
$trying = '' . stripslashes(htmlspecialchars($songTitle)) . '';
$songname = stripslashes(htmlspecialchars($songTitle));
file_put_contents($filename, $songs);
<form method="POST" action="http://example.com/download.php" accept-charset="utf-8">
<input type="hidden" name="file_name" value="<?php print $trying; ?>" />
<input type="hidden" name="song_name" value="<?php print $songname; ?>" />
<input type="Submit" class="btn btn-success" value="Download Song" />
</form>
Then within the download.php file I have the following.
$file = 'tmp/' . $_POST['file_name'] . '.mp3';
header('Content-Description: File Transfer');
header('Content-Disposition: attachment; filename='.$file);
header('Expires: 0');
header('Cache-Control: must-revalidate');
header('Pragma: public');
header('Content-Length: ' . filesize($file));
header("Content-Type: audio/mp3");
readfile($file);
How ever when a user downloads a file it brings up something that looks like this tmp-song-artist-song-name.mp3 any help is very appreciated!
Edit:
Preview Image
This is what happens when I change the header('Content-Disposition: attachment; filename='.$file); line to header('Content-Disposition: attachment; filename='.$songtitle);
$songtitle = $_POST['song_name'];
It seems to fix the title issue but creates an entirely new issue which is not what we want.


You are using wrong Content-Disposition header. In your first post you have used full file name alongwith tmp/ and after editing you missded .mp3 at end. I have corrected your download file code below:
$file = 'tmp/' . $_POST['file_name'] . '.mp3';
header('Content-Description: File Transfer');
header('Content-Disposition: attachment; filename='.$_POST['file_name'] . '.mp3');
header('Expires: 0');
header('Cache-Control: must-revalidate');
header('Pragma: public');
header('Content-Length: ' . filesize($file));
header("Content-Type: audio/mp3");
readfile($file);


Remove 'tmp/' section from file name.
header('Content-Disposition: attachment; filename=' . str_replace('tmp/', '', $file));

Related

PHP content disposition file name error safari

I have a database from which I would like the user to download data
I'm trying to download mp3 files. If the file contains, for example, Cyrillic characters, then in Safari I get the file ÐÐ¸Ð·Ð½ÐµÑ lite - ÐÑÐ°Ñ talk.mp3, in other browsers I get a normal file name Бизнес lite - Краш talk.mp3. Here is a sample code. Help, please, what am I doing wrong?
`
$src_file = ROOT_PATH . '/files/uploads/' . substr( $track_file['name'], 0, 2) . '/' . $track_file['name'];
if(file_exists($src_file)) {
header('Content-Description: File Transfer');
header('Content-Type: application/octet-stream');
header('Content-Disposition: attachment; filename="'. $track_file['title'] . '.mp3"');
header('Content-Transfer-Encoding: binary');
header('Expires: 0');
header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
header('Pragma: public');
header('Content-Length: ' . filesize($src_file));
ob_clean();
flush();
readfile($src_file);
exit;
`

would use if else
if user agent safari . you can find browser name by the $_SERVER['HTTP_USER_AGENT']
$src_file = ROOT_PATH . '/files/uploads/' . substr( $track_file['name'], 0, 2) . '/' . $track_file['name'];
if(file_exists($src_file)) {
if($useragent=='safari'){
header('content-type: application/octet-stream');
header('content-Disposition: attachment; filename='.$src_file);
header('Pragma: no-cache');
header('Expires: 0');
readfile($src_file);
}else{
//your current code
}

PHP - Forcing download a file not working

code.php
$code = $_GET["code"];
$file = 'code/'.$code.'.html';
if (file_exists($file)) {
header('Content-Description: File Transfer');
header('Content-Type: application/octet-stream');
header('Content-Disposition: attachment; filename="'.basename($file).'"');
header('Expires: 0');
header('Cache-Control: must-revalidate');
header('Pragma: public');
header('Content-Length: ' . filesize($file));
readfile($file);
exit;
}
Generated URL to download the file:
http://www.example.com/code.php?code=yoursite.com_nbsp63ibrf
Well, I want to forcing download the html file, above code not working and it just preview the file at browser!

file_exists() returns false. Change your path with document root:
$code = $_GET["code"];
$file = $_SERVER['DOCUMENT_ROOT'] . '/code/' . $code . '.html'; // set your path from document root.
if (file_exists($file)) {
header('Content-Description: File Transfer');
header('Content-Type: application/octet-stream');
header('Content-Disposition: attachment; filename="'.basename($file).'"');
header('Expires: 0');
header('Cache-Control: must-revalidate');
header('Pragma: public');
header('Content-Length: ' . filesize($file));
readfile($file);
exit;
}

Try changing the content type to match the file type and setting the transfer encoding to binary:
header('Content-Transfer-Encoding: binary');
header('Content-Type: text/html');

Try this
$code = $_GET["code"];
$file = $_SERVER['DOCUMENT_ROOT'] . '/code/' . $code . '.html'; // set your path from document root.
if (file_exists($file)) {
header("Content-Type: text/html");
header("Content-Type: application/force-download");
header("Content-Type: application/octet-stream");
header("Content-Type: application/download");
header('Content-Disposition: attachment; filename="'.basename($file).'"');
header('Expires: 0');
header('Cache-Control: must-revalidate');
header('Pragma: public');
header('Content-Length: ' . filesize($file));
readfile($file);
exit;
}

unfortunately it was a encoding issue. I changed code.php encoding from UTF-8 to UTF-8 Without BOM then problem solved. Thanks for all answers and helps. I forgot that PHP header only works with UTF-8 Without BOM.

This is actually not possible.
The browser can always decide on its own, if the file should be downloaded or not.
The furthest you can go is sending the content-disposition header.

php download files not working on mobile

if (file_exists($file)) {
header('Content-Description: File Transfer');
header('Content-Type: application/octet-stream');
header('Content-Disposition: attachment; filename=' . $filename. "." . $exts );
flush();
readfile($file);
exit;
}
this code works on pc, but on mobile i can not open the file. The headers is incorrect?

Try adding:
header('Content-Transfer-Encoding: binary');
header('Expires: 0');
header('Cache-Control: must-revalidate');
header('Pragma: public');
header('Content-Length: ' . filesize($file));
After
header('Content-Disposition: attachment; filename=' . $filename. "." . $exts );

Get the file correctly after uploading with md5

The following is part of the code in upload.php of OpenCart:
$file = $filename . '.' . md5(mt_rand());
move_uploaded_file($this->request->files['file']['tmp_name'], DIR_UPLOAD . $file);
// Hide the uploaded file name so people can not link to it directly.
$this->load->model('tool/upload');
$json['code'] = $this->model_tool_upload->addUpload($filename, $file);
For the coding '$this->model_tool_upload->addUpload($filename, $file)', it will insert the data like this:
The field 'code' is generated by the the coding 'sha1(uniqid(mt_rand(), true))'.
And the new file will inserted into the folder:
I would like to upload image and then display it. In this situation, how can I get the file path correctly using PHP?
Also, can someone explain why the filename is appended with the md5 string? Is it only used for hide the uploaded file name and what is the field 'code' used for?
UPDATE
Just find the answer in one of the source file:
header('Content-Type: application/octet-stream');
header('Content-Description: File Transfer');
header('Content-Disposition: attachment; filename="' . ($mask ? $mask : basename($file)) . '"');
header('Content-Transfer-Encoding: binary');
header('Expires: 0');
header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
header('Pragma: public');
header('Content-Length: ' . filesize($file));
readfile($file, 'rb');

How to download file with embaded string in php

I am downloading file with simple code from my server which is like
<a download class="btn btn-warning" target="_blank" href="<?php echo base_url('attachments/' . $row->delivery . '') ?>">Download</a>
There is some security issue in this like if anyone write sitename/attachments/filename the file is automatically download. What I want is it will be like sitename/attachments/filename/ciphertext(embadedtext) so it will hard to break the code. what should I do to implement that in php.

You can put your files out of the server DocumentRoot then use something like this:
<?php
$file = 'monkey.gif';
if (file_exists($file)) {
header('Content-Description: File Transfer');
header('Content-Type: application/octet-stream');
header('Content-Disposition: attachment; filename='.basename($file));
header('Content-Transfer-Encoding: binary');
header('Expires: 0');
header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
header('Pragma: public');
header('Content-Length: ' . filesize($file));
ob_clean();
flush();
readfile($file);
exit;
}
?>

Categories