ftp_get() downloads a file from an FTP server and saves the file to local server.
So when I want to download a file from an FTP server to my browser, the file will first be downloaded to the local server and then downloaded to the browser.
This causes double bandwidth. Is there a way to download a file from an FTP to browser directly?
ftp_get() or curl or any PHP script will require opening a stream to the source, and passing it the client browser. You still use 2 streams, resulting in double the bandwidth usage. The only way to avoid this is to link to or have the end-user collect the file directly.
I am assuming that you're collecting the file from a private FTP location, passing the credentials, and you do not want the end-user to have these or they do not know them. Yet for them, it should be a seamless download.
Not a lot of good ways to do this. In my mind, making an FTP Client connection via Flash in the end-users browser is one way. You could dynamically create flash or have the flash collect the credentials (encrypted), and then perform the connection to the FTP Server from the end-users browser (after decrypting the credentials) and download the file directly to the end-user.
All you can do is to redirect the client browser to the ftp:// URL. That's doable when the FTP site allows an anonymous read access. Most (all) web browsers support FTP natively.
Depending on a workflow, you either redirect from the PHP code:
header("Location: ftp://download.example.com/file.pdf");
On you directly use ftp:// URL in the HTML code:
Download
If anonymous read access is not allowed, you'd have to include the credentials in the URL, what you probably do not want to.
ftp://username:password#download.example.com/file.pdf
Related
I am making an online streaming website where users can listen to audio or video files. Currently I am calling an mp3 file in an audio tag using below code.
Play
In my website a user can stream a song but cannot download it. DOWNLOADS ARE PAID. Above code is the worst thing to stream an audio file because when a user copies and pastes the above link on his browser, the song will be downloaded.
How can I securely stream the file without URL download option(user cannot copy the song url and download it).
I am using CodeIgniter(PHP framework), so how can I restrict a user to download the file directly.
You can use some .htaccess to direct all download requests to your PHP Script and not call the real files. Then your script can validate if the user is logged in, only then it will issue a download response. Otherwise even if someone gets the url it won't work for them because the request goes to your PHP Script and file itself is not served automatically
Take a look at this Create temporary URLs. You can do similar for your domain as well.
I have an ASP page, in which the user chooses a value (e.g drawingId) from a list box, and according to this value, ASP builds/calculates a file path, e.g. c:\drawings\file1.pdf, in order to show this pdf file to the user. This path refers to the client's computer, where these pdf files are stored. The server queries the database and knows only the association between the drawingId and the path at the client's computer.
How can I open this pdf file?
I've read similar questions, like How can my web application written in Java open a file on the client side? or Can javascript access a filesystem?, but I haven't understood how to proceed.
I would like this to work with all browsers and also implement this functionality in a PHP site.
Use file:///
e.g. file:///c:/filename.pdf
Well I guess after user selects option from a list box, you could construct the path and redirect user to that path which should open the pdf file
eg.
file:///C:/foldername/filename.pdf
it not possible to open client side file from server side code as it running at server side, also due to some security reason browser does not allow to browse client location
refer link Open local folder from link
I'm building a web-radio like service, in which the user authenticates to the services, gets a cookie and a Flash-based app plays mp3s from the server. The server only delivers if the client is allowed for that particular mp3.
If a user opens a HTTP logger (like FireBug), he can see the files being downloaded by flash. If he opens the mp3 URL directly via the address bar, he can easily download the MP3, although the URLs are not guessable by the user.
I'm looking for a safe system to prevent the user from downloading the MP3 directly to his system. I have examined last.fm, as they use a similar setup, and somehow they prevent it.
In the end, you're not going to be able to stop someone who's determined. However, you can at least make it difficult.
There are several options involving referrer checks, authentication, and fun stuff like that. But probably the most successful anti-downloading check I've seen was one that works like this:
The user indicates that he wants to stream a file; the app makes an authenticated, encrypted request indicating his desired action. The result is a one-use-only and time-limited URL that is recognized by whatever application or CDN is hosting the file. After the URL is used once (i.e. by the flash app) it then expires and can never be used again. If the streaming does not start within a given amount of time (several seconds), the URL likewise expires. Obviously the URL given does not directly correspond to the file name, but is instead authenticated, decoded, and translated server-side.
It's still not impossible to work around, but it's fairly difficult.
You might use RTMP instead of HTTP to deliver audio data. RTMP is meant to be used for streaming audio, video and misc data. It streams just data rather than a file. It's not 100% safe, because if something gets to client (browser, flash player, whatever), user can save it, but it's still better than giving a file via HTTP.
You will need a server that supports RTMP though, e.g., Flash Media Server (FMS), Wowza or Red5.
I am creating a google-chrome application that will download songs from an octet stream, however due to JavaScript restrictions, I cannot create a "download" button. The user must right click and select save file as. I wish to create a php page that will redirect the browser to the location of the octet stream, which will be on a different site, and then create a download dialog there. I know there are probably security restrictions here, but is it possible to have a php page redirect and set the content disposition headers of that page it is redirecting to?
Note: I cannot get the octet stream from my server to save because the host I am using does not support php calls to external sites.
The download dialog (content-disposition header) has to be produced by the other site. There's no way around it, because browsers will only believe headers from the same server. If the other site doesn't produce the desired headers, and if you don't own the other site, there's nothing you can do about it.
You might write a PHP script which accesses the other site on behalf of the user, downloads the octet stream to the server first, and then sends it to the user with the desired headers. In other words, your script would act as a proxy server. Look into the curl module if interested. But this will cause your server's bandwidth to skyrocket, and there may also be problems with copyright.
I have a program I wrote that when it has an error, it saves infomation of the error in a zip file in their TEMP directory, and then opens their browser to my PHP file.
I want the PHP file to automatically go to a specific location (their temp zip) that will be passed via HTTP POST arguments and attach the zip folder to an email to myself. It should be noted that my mail() command is connected to an google SMTP server.
Can this be done?
If not, what do you suggest as an alternative. I suppose I could pass the binary data as a HTTP Post and then have PHP recreate the zip? All ideas are welcomed.
I'm not sure you can do that via the browser - no browser can upload a file without users' consent - that's insecure and hence it is not allowed.
You could rather try making a connection to the server, not open the web page on your server, from your software and upload the file that way - cURL would be the method of choice I think - it has plenty of implementations in most programming languages so it shouldn't be a problem. Just try searching for "upload a file with curl" on google.