Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 9 years ago.
Improve this question
i am confused in how to allows download the file.zip after the payment.If i redirect them to a download page where is file is placed in sever they can download the file again easily or they can pass that link to anyone.
Any suggestions please!
Don't use a direct link to the file - use a PHP file that serves the file up as a download, but only if a certain session var is found (created in the confirmation of the payment process)
Just like #SmokeyPHP mentioned, just output the file through PHP instead of linking to it directly.
<?php
$file = 'monkey.gif';
if (file_exists($file)) {
header('Content-Description: File Transfer');
header('Content-Type: application/octet-stream');
header('Content-Disposition: attachment; filename='.basename($file));
header('Content-Transfer-Encoding: binary');
header('Expires: 0');
header('Cache-Control: must-revalidate');
header('Pragma: public');
header('Content-Length: ' . filesize($file));
ob_clean();
flush();
readfile($file);
exit;
}
?>
http://php.net/manual/en/function.readfile.php
This way you have a full control over who downloads what. Of course depending on the file size, you may wish to split the file into smaller chunks. You don't want to be buffering 40 MB files in your server memory every 5s. With bigger files, you can use something like this:
<?php
$file = fopen("file.dat", "r");
while (!feof($file)) {
echo fgets($file);
}
fclose($file);
?>
put .zip file outside the webserver;
protect the .zip URL with some rule [e.g. being logged in and having purchased the resource];
associate the .zip URL with an action that reads the actual binary file and forwards it to user [plenty of examples in here].
Related
This question already has answers here:
PHP output file on disk to browser
(6 answers)
PHP: How to make browser to download file on click
(2 answers)
Closed 5 years ago.
I have PHP files stored on my server, and their names in the mysql database, I want to download those files. What code should I write for the same? I am using PHP as coding language. Please help.
<?php
$file = 'send_me.pdf';
if (file_exists($file)) {
header('Content-Description: File Transfer');
header('Content-Type: application/octet-stream');
header('Content-Disposition: attachment; filename="'.basename($file).'"');
header('Expires: 0');
header('Cache-Control: must-revalidate');
header('Pragma: public');
header('Content-Length: ' . filesize($file));
readfile($file);
exit;
}
?>
Obviously, set $file to the file name.
Read more about the use of readfile here.
Download?
Literally just make a link the stored file.
file_put_contents("PDFName.pdf", fopen("http://someurl/PDFName.pdf", 'r'));
You really should show what you have done so far/researched online before asking a question!
This will download the file PDFName.pdf from the url http://someurl/PDFName.pdf and put it into the same directory as the script is in.
Closed. This question needs details or clarity. It is not currently accepting answers.
Want to improve this question? Add details and clarify the problem by editing this post.
Closed 8 years ago.
Improve this question
I have physical files which I want users to download on my website. The files are located at:
C:/xampp/htdocs/myfile/uploads/*
I need a PHP script which can download files dynamically on click. Let's say I have the following button which when clicked it triggers magic.php script.
Download file
What PHP code do I need in magic.php to download the file name I passed in the query parameters?
Download link
Download
magic.php page
<?php
$file = 'C:/xampp/htdocs/myfile/uploads/'.urldecode($_GET['file']);
if (file_exists($file)) {
header('Content-Description: File Transfer');
header('Content-Type: application/octet-stream');
header('Content-Disposition: attachment; filename='.basename($file));
header('Expires: 0');
header('Cache-Control: must-revalidate');
header('Pragma: public');
header('Content-Length: ' . filesize($file));
readfile($file);
exit;
}
?>
Maybe you could do something like this: (Correct me if i am wrong)
<a href="uploads/<?php echo $row['name']; ?>" download="download">
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question appears to be off-topic because it lacks sufficient information to diagnose the problem. Describe your problem in more detail or include a minimal example in the question itself.
Closed 8 years ago.
Improve this question
I have used file system to store the files, all files are either word or pdf files. how should i create their downloadable links on client side.
Any help would be appreciated.
you can download file using:
<?php
$file = 'filename.extension';
if (file_exists($file)) {
header('Content-Description: File Transfer');
header('Content-Type: application/octet-stream');
header('Content-Disposition: attachment; filename='.basename($file));
header('Expires: 0');
header('Cache-Control: must-revalidate');
header('Pragma: public');
header('Content-Length: ' . filesize($file));
ob_clean();
flush();
readfile($file);
exit;
}
?>
You can simply write the file path in the href attribute of the <a /> tag...
Download Here
<?php
if (isset($_GET['file'])) {
$file = $_GET['file'];
if (file_exists($file) && is_readable($file) && preg_match('/\.pdf$/',$file)) {
header('Content-Type: application/pdf');
header("Content-Disposition: attachment; filename=\"$file\"");
readfile($file);
}
} else {
header("HTTP/1.0 404 Not Found");
echo "<h1>Error 404: File Not Found: <br /><em>$file</em></h1>";
}
Try the above snippet and name it as download.php!
Once the above has been done, save the file and if needed upload to the server hosting your web page.
Finally, once uploaded, all future .PDF links that you want to be downloaded instead of opened in the browser will need to point to download.php?file=example.pdf, where example.pdf is the name of the PDF you want for the user to download. Below is an example of what a full link could look like.enter code here
Click here to download PDF
Download
This should do the job.
This question already has answers here:
Closed 10 years ago.
Possible Duplicate:
Forcing to download a file using PHP
When we need to force user to download a file, we use header with several parameters/options. What if I use
header("location:test.xlsx");
This is working :) Is there any drawback of using this shortcut ?
This approach should solve the problems mentioned here
download.php?filename=test.xlsx
if isset ($_GET['filename']){
$filename = $_GET['filename']
}
else{
die();
}
header('Content-Description: File Transfer');
header('Content-Type: application/octet-stream');
header('Content-Disposition: attachment; filename='.basename($file));
header('Content-Transfer-Encoding: binary');
header('Expires: 0');
header('Cache-Control: must-revalidate');
header('Pragma: public');
header('Content-Length: ' . filesize($file));
ob_clean();
flush();
readfile($file);
And of course don't forget to secure this so users can't download other files
There are a few disadvantages to this method:
If the file is one the browser can read, it won't be downloaded (like .txt, .pdf, .html, .jpg, .png, .gif and more), but simply be shown within the browser
Users get the direct link to the file. Quite often, you don't want this because they can give this link to others, so...
it will cost you more bandwidth
it can't be used for private files
if it's an image, they can hotlink to it
All you're doing is redirecting to a file. This is no different than if they went to it directly.
If you are trying to force a download, you need to set your Content-Disposition header appropriately.
header('Content-Disposition: attachment');
Note that you can't use this header when redirecting... this header must be sent with the file contents. See also: https://stackoverflow.com/a/3719029/362536
Not every file is forced to download.
If you were to use that header() on a .jpg the browser won't open the download dialog but will just show the image.
Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 10 years ago.
Improve this question
i have an uploads folder on my website.
What i want to do is restrict users from accessing like i dont want them to go to www.mysite.com/uploads/ and see the files in there and it should show forbidden, but they should be able to download via my website, for example www.mysite.com/downloads.php?id=1
If thats not possible, how can i atleast not show them the directory index on /uploads
How is it that file sharing websites does this?
An htaccess with
deny from all
stops php from accessing the file as well
Please tell me a solution if you would know, i googled and asked on irc a few days ago about this issue, its pretty confusing to me.
If you want to hide your file url from users, its better to move upload folder above of your webroot directory. So nobody can access from browser. How you make download.php
<?php
/*
Step 1. Authorization check
Step 2. get name or id of file that will download $_GET
Step 3. check if its valid (security check)
Step 4. check if that file exist in your upload directory
Step 5. set header using header() function put content-type, attachment etc
Step 6. readfile and output it
*/
?>
Add this line in your .htaccess file
Options -Indexes
Place an index.htm file in your uploads folder or place Options -Indexes in your .htaccess file
Why not just make a place for downloadable things (mkdir publicuploads), but chmod 700 your uploads folder?
Then they can download what you allow them to download...
Using a .htaccess file with deny from all will stop people accessing that folder, It wont stop php from accessing it, but you could put your files one directory lower then your htdocs/www/public_html folder and use php to grab and serve thos files.
With passing a parameter eg: ?id=1 you would access the 1 with $_GET['id'] you would need to check if the file exists, add some http headers to force the download.
Heres a simple example you can work on:
<?php
//your below webroot downloads folder
$path="/var/www/somehost.com/downloads/";
//An array created from globing the download directory or from a database source
$files=array('somefile.gif',
'someotherFile.png');
//In my example the id is the key to the file pathe array so 0 would be somefile.gif and 1 would be the next.
if(isset($_GET['id'])){
//Is it numeric?
if(is_numeric($_GET['id']) && isset($files[$_GET['id']])){
//Download the file, the download function will return error on fail, eg: not found or directory
$status = download($path.$files[$_GET['id']]);
//Spit out the error
if(isset($status['error'])){
die($status['error']);
}
}
}
function download($file,$chunk=1024){
if (file_exists($file)) {
if(is_dir($file)){return array('error'=>'Not allowed!');}
//Set content headers to force download.
header('Content-Description: File Transfer');
header('Content-Type: application/octet-stream');
header('Content-Disposition: attachment; filename="'.str_ireplace(' ','_',basename($file)).'"');
header('Content-Transfer-Encoding: binary');
header('Connection: Keep-Alive');
header('Expires: 0');
header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
header('Pragma: public');
//If download is larger the 2GB, alls not lost
header('Content-Length: '.sprintf("%u", filesize($file)));
//Clean the buffer
ob_clean();
//Open a handle to the file
$handle = fopen($file, "rb");
$chunksize=(sprintf("%u", filesize($file))/$chunk);
set_time_limit(0);
//Loop through the file
while (!feof($handle)) {
//Echo a piece of the file out
echo fgets($handle, $chunksize);
flush();
}
fclose($handle);
die;
}else{return array('error'=>'Not found!');}
return;
}
?>
You would also need to check user permission on the file, but thats another question.