I have the following download.php script to download a file, which works great:
<?php
header("Content-Type: application/octet-stream");
$file = $_GET["file"];
header("Content-Disposition: attachment; filename=" . urlencode($file));
header("Content-Type: application/force-download");
header("Content-Type: application/octet-stream");
header("Content-Type: application/download");
header("Content-Description: File Transfer");
header("Content-Length: " . filesize($file));
flush();
$fp = fopen($file, "r");
while (!feof($fp))
{
echo fread($fp, 65536);
flush();
}
fclose($fp);
?>
What I want to achieve is to hide the URL where this file is located, so that when the user clicks a link such as <a target="_blank" href="http://domain.com/files/download.php?file=filename.pdf">Download file</a>, a new tab opens up with no URL and starts downloding the file. What is actually happening is the new tab opens and the file download starts but the URL bar is displaying http://domain.com/files/download.php?file=filename.pdf.
If this cannot be done with php, how can I achieve this? I have seen several downloads where the URL is not shown, so I know this is somehow possible.
EDIT: Here is the reason I want to do this: We will send a html mailing with a link to the file download, and the website where this file download is hosted is not the website from the company which sends the mail.
As always, thank you very much.
A typical way doing this, is to place the files you want to provide for download outside your docroot.
Your download script should know about this place and has to process the requested filename considering this.
For example:
path/in/your/system/docroot/download.php
and
path/in/your/system/files/filename.pdf
If someone is requesting download.php?file=filename.pdf your script has to look up in path/in/your/system/files/ for this file and has to handle it.
You can create a new window with iframe content to that URL.
var win = window.open("", "Title", "toolbar=no, location=no, directories=no, status=no, menubar=no, scrollbars=yes, resizable=yes, width=780, height=200, top="+(screen.height-400)+", left="+(screen.width-840));
win.document.body.innerHTML = "<iframe src='YOUR URL'></iframe>";
If you remove the target="_blank" no new tab will be opened and the file will just be downloaded.
In the end, it's not possible because the user can open Google Inspector and check the Network tab.
Edit: If that's the case, you would use JavaScript:
Edit 2: In case the popup is blocked by the browser or addon, use a fallback:
Edit 3: In case JS is disabled:
<head><meta http-equiv="refresh" content="5;http://domain.com/files/download.php?file=filename.pdf">
<script>
var win = window.open("http://domain.com/files/download.php?file=filename.pdf");
if (!win) {
window.location = "http://domain.com/files/download.php?file=filename.pdf";
}
</script>
</head>
Edit 4: If you don't want the user to see the domain of the user site at all, get your PHP script to download the file and then output that to the user:
header("Content-Type: application/octet-stream");
$file = $_GET["file"];
$file = 'http://otherdomain.com/location/' . $file; // This line should suffice for all that you're trying to do
header("Content-Disposition: attachment; filename=" . urlencode($file));
header("Content-Type: application/force-download");
header("Content-Type: application/octet-stream");
header("Content-Type: application/download");
header("Content-Description: File Transfer");
header("Content-Length: " . filesize($file));
flush();
$fp = fopen($file, "r");
while (!feof($fp))
{
echo fread($fp, 65536);
flush();
}
fclose($fp);
Submit the form as POST and use $_REQUEST to get the file:
$file = $_REQUEST["file"];
Related
So here's a question. Can a php script detect how it is being called? For example if it is called through <img> it will return an image, or if it is being called through <video> it will return video, or if it is called through <audio> it will return audio, or if it is called directly by typing in http://www.example.com/callme.php it will return some text.
The content from this callme.php would be provided through the following method:
header("Content-Disposition: attachment; "
.sprintf('filename="%s"; ', rawurlencode($_REQUEST['F']))
.sprintf("filename*=utf-8''%s", rawurlencode($_REQUEST['F'])));
header("Content-Type: application/force-download");
header("Content-Type: application/octet-stream");
header("Content-Type: application/download");
header("Content-Description: File Transfer");
flush(); // this doesn't really matter.
$fp = fopen($file, "r") or die("DEAD");
while (!feof($fp))
{
echo fread($fp, 65536);
flush(); // this is essential for large downloads
}
fclose($fp);
No this is not possible, at least not without some additional parameters in the URL.
Consider the following HTML
<img src="/callme.php?target=img" />
With the following PHP:
if ($_GET('target') == 'img') { ... }
I have seen many examples but none of them is resolving my issue.
I generated cvs file in ajax post request ( I am not changing window.location.href). I want this file to auto download just like what happens after changing window.location.href. Currently i don't know solution.Kindly help me here is my code
$file_name="temp_".time().".csv";
$new_csv = fopen($file_name, 'w');
fputcsv($new_csv, $csv_data);
fclose($new_csv);
header("Content-type: application/csv; charset=utf-8");
header("Content-disposition: attachment; filename =\"" .$file_name. "\"");
readfile($file_name);
unlink($file_name);
exit;
$this->setLayout(false);
return sfView::NONE;
I want the log in user can access the PDF file and anonymous user can not access the file from browser like www.domain.com/pdf/name.pdf
My pdf file is getting corrupted.It is gets failed when clicked for download.
I have created pdf folder in that kept my all pdf.
I have html code
<ul>
<li>
Test
</li>
</ul>
check.php file
if($_SESSION[login]==true){
$file_url = 'http://domainname.com/pdf/example.pdf';
$filename='example.pdf';
header("Content-Disposition: attachment; filename=" . urlencode($filename));
header("Content-Type: application/octet-stream");
header("Content-Type: application/download");
header("Content-Description: File Transfer");
header("Content-Length: " . filesize($file_url));
$fp = fopen($file_url, "r");
while (!feof($fp))
{
echo fread($fp, 65536);
flush(); // this is essential for large downloads
}
fclose($fp);
}
ht.access
RewriteEngine on
RewriteRule .* check.php
Just add a function in your php file as below:
function protect_page(){
if(logged_in()===false){
header('Location: protected.php');
exit();
}
}
Check whether the user is logged in by doing
$_SESSION[login]==true
Write the above protect_page() function on the page that has link to your pdf.
And you're good to go.
I need some eduction please.
At the end of each month, I want to download some data from my webserver to my local PC.
So, I've written a little script for that, which selects the data from the DB.
Next, I want to download it.
I've tried this:
$file=$month . '.txt';
$handle=fopen($file, "w");
header("Content-Type: application/text");
header("Content-Disposition: attachment, filename=" . $month . '.txt');
while ($row=mysql_fetch_array($res))
{
$writestring = $row['data_I_want'] . "\r\n";
fwrite($handle, $writestring);
}
fclose($handle);
If I run this, then the file is created, but my file doesn't contain the data that I want. Instead I get a dump from the HTML-file in my browser..
What am I doing wrong..
Thanks,
Xpoes
Below script will help you download the file created
//Below is where you create particular month's text file
$file=$month . '.txt';
$handle=fopen($file, "w");
while ($row=mysql_fetch_array($res)){
$writestring = $row['data_I_want'] . "\r\n";
fwrite($handle, $writestring);
}
fclose($handle);
//Now the file is ready with data from database
//Add below to download the text file created
$filename = $file; //name of the file
$filepath = $file; //location of the file. I have put $file since your file is create on the same folder where this script is
header("Cache-control: private");
header("Content-type: application/force-download");
header("Content-transfer-encoding: binary\n");
header("Content-disposition: attachment; filename=\"$filename\"");
header("Content-Length: ".filesize($filepath));
readfile($filepath);
exit;
Your current code does not output a file, it just sends headers.
in order for your script to work add the following code after your fclose statement.
$data = file_get_contents($file);
echo $data;
I'm trying to create a download so that a user clicks on "down" it downloads a certain file from their account to their computer, I'm currently using this:
header('Content-Disposition: attachment; filename=' . basename("users/$username/$file_folder/$file_name"));
header("Content-Type:" .$file_type);
header("Content-Description: File Transfer");
header("Cache-control: private");
header("Connection: close");
header("Content-Length: ".$file_size);
The problem is, the file is downloading, but it's just empty, there is no content in the file
The code before this is just an if() and a while loop with database records.
Thanks in advance.
You are missing something like below: (unless the file is very large, in which case you would chunk it out)
$filename = 'path/to/file/file_name.txt';
echo file_get_contents($filename);
Alternatively you could populate a variable with the data you want put out into the file and simple echo it out like so:
$data = "begin\n";
$data .= "first line\n";
$data .= "another line\n";
$data .= "last line";
echo $data;
The content would be put out there AFTER your headers. Hope this helps.
The file is empty, because you never output the file. These header calls are just the header, you still need a body for a file to be correctly downloaded. You can use file_get_contents to echo the file contents.
header('Content-Disposition: attachment; filename=' . basename("users/$username/$file_folder/$file_name"));
header("Content-Type:" .$file_type);
header("Content-Description: File Transfer");
header("Cache-control: private");
header("Connection: close");
header("Content-Length: ".$file_size);
// echo the file, this will make the download work
echo file_get_contents("users/$username/$file_folder/$file_name");
after you send the headers you need to actually push out the file content...
see this
http://php.net/manual/en/function.file-put-contents.php