We are trying to create a webpage in laravel where people are going to be able upload their codefiles to our server, so that other users can watch the code and download it in codefiles if they like it. We however can't figure out the best way to make this happen.
I tried to just let php get a file and echo out the content. this worked well fot html and css, but with php nothing got displayed what so ever. someone mentioned using eval(), however i've read that it is a really bad idea to do so. Another idea would be to stash the code in a database and fetch it from there, which we have tried before, but it sort of over complicated, and avoiding to do so would be prefereable, and instead go directly to i file.
So my question is, do anybody have an idea that might work safely, both for us and our server and for the users.
Something like this:
<?php
// read Codefile
$TheCode = file_get_contents($codefile);
// Print it...
echo htmlentities($TheCode);
?>
Save the php code in a flat file like one with a .dat extension.
then read the file.
$toechp = file(static.dat);
echo $toecho;
You can allow .dat files to be downloaded on browser using headers.
<?php
$file = "http://example.com/static.dat";
header("Content-Description: File Transfer");
header("Content-Type: application/octet-stream");
header("Content-Disposition: attachment; filename=\"$file\"");
readfile ($file);
?>
and you are done.
Related
I have a file with no extension on it, but I know it's a tiff. I want to be able to download this file via PHP.
I created a page with a link to another php page, which has the following content:
<?php
$imgPath = 'http://server/23700-b074137f-eb5c-45d6-87c2-13c96812345b';
header("Content-disposition: attachment; filename=invoice.tiff");
header("Content-type: image/tiff");
readfile($imgPath);
?>
When I click the link, I get a prompt to download invoice.tiff, but it's 0 bytes.
However, if I rename the file on the server to 23700-b074137f-eb5c-45d6-87c2-13c96812345b.tiff (and change the $imgPath), it works.
How do I accomplish this without renaming the file to include the extension?
It's possible the 'tiff' extension is registered as a known file type on the server, so when you rename and request the tiff it's permissions will allow you to open it. However, with no extension, the security is probably stopping you from reading it, as mentioned by 'Mike B' above. To check this try just entering the file name in your browser address bar and see if it opens, both with and without the 'tiff' extension. There is no workaround for getting past the security issue, short of changing the severs security which would be very bad.
You are retrieving the file from a URL, therefore activating the 'fopen wrappers' in readfile. In general, you should not do this, especially when working locally since it invokes a lot of unnecessary overhead and (in this case) unwanted 'magic' behaviour.
Just use readfile on the local path to the file, and it'll be fine, or use die(file_get_contents($imgPath)) instead of the last line to circumvent PHP's native behaviour.
It works for me:
$imgPath = 'http://server/23700-b074137f-eb5c-45d6-87c2-13c96812345b';
$f = fopen($imgPath, "r");
header("Content-disposition: attachment; filename=invoice.tiff");
header("Content-type: image/tiff");
fpassthru($f);
You should also add the content-length header like so:
// untested code
header('Content-Length: '.strlen(stream_get_contents($imgPath)));
Hi I'm downloading a file to an app on iOS using the function readfile() on a PHP web service and I want to know if the file is downloaded correctly but I don't know how I can do that.
So what I'm trying is to do some echo to know if the file has been downloaded like this:
echo "before";
readfile($file);
echo "after";
But the response I get is this:
beforePK¿¿¿
Any one knows what does this mean or how can I know if the file is downloaded correctly?
UPDATE:
Yes it's a zip file, here are my headers
header("Cache-Control: public");
header("Content-Description: File Transfer");
header("Content-Disposition: attachment; filename=$ticket");
header("Content-Type: application/zip");
header("Content-Transfer-Encoding: binary");
You're trying to output the contents of a zip file aren't you?
readfile($file) works the same as echo file_get_contents($file). If you're trying to present someone a file to download, do not add any additional output else you risk breaking the file.
I would also recommend reading up on the header function. That way you can explicitly tell the browser that you're sending a file, not an HTML page that has file-like contents. (See the examples involving Content-Type)
PHP should be setting the correct headers prior to readfile() - this LITERALLY reads the file out to the browser/app... but the browser/app needs to know what to do with it...
Usually you just assume that once the connection has closed that the data is done being transferred. If you want to validate that the file has been transferred fully, and without corruption you'll need to use a data structure like XML or JSON which will:
Delimit the data fields and cause the XML/JSON parser to throw an error if one is omitted, aka the transfer was cut off before it finished.
Allow you to embed more than one piece of data with the response, eg. an MD5 hash of the file that can be re-calculated client-side to verify that the data is intact.
eg:
$file = 'myfile.zip';
$my_data = array(
'file' => base64_encode(file_get_contents($file)),
'hash' => md5_file($file)
)
//header calls
header(...)
echo json_encode($my_data);
exit;
What i am trying to do is provide a way for an Xls file generated on the client side in js to be downloaded. So I have the xls in a string in js and need to give the user a way to download it and open it in excel.
As i understand the only way to do this is to do it on the server via the content type, so I have tried to provide a php that does a file relay... Here is the php
<?php
header("Content-type: application/octet-stream");
header("Content-Disposition: attachment; filename=\"my-data.csv\"");
$data=stripcslashes($_REQUEST['csv_text']);
echo $data;
?>
A request can end up being rather long so for example i might have this request... (actually shortened greatly).
I am not good with php, can anyone suggest a better way to modify this relay script (or better way entirely) to accomplish this?
http://myserver.com/ExcelRelay.php?csv_text=Id%09City%09Phone%09Address%201%09Address%202%09State%09Type%09Employees%09Revenue%09Leed%09Established%09Comments%09Country%09Postal%20Code%09Territory%0A3%09Greensboro%096538227668%09%0978%20Rocky%20Second%20St.%09New%20Jersey%09Remote%09%090%091%09Sun%20Aug%2009%201964%2000%3A00%3A00%20GMT-0400%20%28Eastern%20Daylight%20Time%29%09%22Et%20quad%20estis%20vobis%20homo%2C%20si%20nomen%20transit.%20%0A%20Sed%20quad%20estis%20vobis%20homo%2C%20si%20quad%20ut%20novum%20vobis
Thanks For the Response, The final script was
<?php header("Content-type: application/octet-stream");
header("Content-Disposition: attachment;filename=\"".$_POST['filename']."\"");
echo $_POST['data'];
?>
One word: POST.
Request Url Too Long is a client side error, and one that is (AFAIK) exclusive to IE, these days. If you want to send the data to the server and have it sent back to you as a file, you will have to send the data in the body of the request.
See here for more information.
My intention is to convert a total php page into html, and subsequently convert the html to pdf and render it through the browser.Which is done , apart from that while showing it on the browser , it will simultaneously download the pdf automatically which is not happening.
Its with PHP.
Can to tell me the basic concept ..as to how to do this.
Thanks in advance
You already render the page in the browser. Before displaying the page, header() the user to the location which will serve the same page as an attachment, but do not exit. This will allow them to download the file, but it will still load the file on the page. Not 100% sure that this will work, but it's worth a shot.
BTW different browsers will handle pdfs differently and depending on settings, plugins, etc. For instance, some might try to download the file anyway instead of showing it in the browser.
I think you need to look over the question again. As I read it, you're asking how to display something that hasn't yet been downloaded (while it's downloading), and that is obviously not possible and so cannot be what you mean.
Try creating a header, which tells the browser what to do when it receives the file.
<?php
header("Content-Type: $filedatatype" );
header("Content-Disposition: attachment; filename=\"" . $FileObject->name . "\";");
header("Content-Transfer-Encoding: binary");
header("Content-Length: " . $filesize);
?>
I want to write a text file in the server through Php, and have the client to download that file.
How would i do that?
Essentially the client should be able to download the file from the server.
This is the best way to do it, supposing you don't want the user to see the real URL of the file.
<?php
$filename="download.txt";
header("Content-disposition: attachment;filename=$filename");
readfile($filename);
?>
Additionally, you could protect your files with mod_access.
In addition to the data already posted, there is a header you might want to try.
Its only a suggestion to how its meant to be handled, and the user agent can chose to ignore it, and simply display the file in the window if it knows how:
<?php
header('Content-Type: text/plain'); # its a text file
header('Content-Disposition: attachment'); # hit to trigger external mechanisms instead of inbuilt
See Rfc2183 for more on the Content-Disposition header.
PHP has a number of very simplistic, C-like functions for writing to files. Here is an easy example:
<?php
// first parameter is the filename
//second parameter is the modifier: r=read, w=write, a=append
$handle = fopen("logs/thisFile.txt", "w");
$myContent = "This is my awesome string!";
// actually write the file contents
fwrite($handle, $myContent);
// close the file pointer
fclose($handle);
?>
It's a very basic example, but you can find more references to this sort of operation here:
PHP fopen
If you set the content type to application/octet-stream, the browser will ALWAYS offer file as a download, and will never attempt to display it internally, no matter what type of file it is.
<?php
filename="download.txt";
header("Content-type: application/octet-stream");
header("Content-disposition: attachment;filename=$filename");
// output file content here
?>
Just post a link on the site to http://example.com/textfile.php
And in that PHP file you put the following code:
<?php
header('Content-Type: text/plain');
print "The output text";
?>
That way you can create the content dynamic (from a database)...
Try to Google to oter "Content-Type" if this one is not the one you are looking for.