I am trying make a php script to list the files of a folder above my web directory...I follow a small thing I found here which talked about
a symlink pointing to /var/uploads
a Apache Alias directive Alias /uploads /var/uploads
I did both of these.
$myDirectory = opendir("/var/stuff/stuff/");
That directory there links to like when I go in winscp and click that folder it directs me to it....and when I run my script to list all files inside /var/stuff/stuff/ it lists what is in /home/stuff/stuff.
The thing is when I click the links that it produces I get a not found on the server
The requested URL /stuff was not found on this server.
Would someone please be able to assist me with this?
Since the files are not under the root directory, you will not be able to download them directly, but What you can use for this issue is to create a downloader gateway.
I'll explain:
create a php script somewhere in your app, lets call it downloader.php
the downloader script would get a parameter, lets say: filename
now we could call the script like: http://YOUR-URL/downloder.php?filename=file-to-download
in your downloader.php file you can get the file name, read it from the file system, then force it to be downloaded by out puting its content and configure the correct headers
I'm not sure if you still need that but, if you need more assistance I can help you more with some code samples
ideally you can use .htaccess to hide your downloader gateway script
Related
I need to prevent people from downloading .zip files in my server unless they are logged in. For this purpose and since I'm also using MediaWiki and I would like to have to modify the least this as I'm not familiar with it I was thinking about doing the following:
When a user wants to download a .zip file, it will be redirected by the server (with a web.config rule) to something like download.php?file=fileName and inside the PHP, I can do my programming to see if he's logged in and then use readFile() to give him the file.
However I'm not familiar with IIS (not much more with Apache either) and I'm totally clueless as how to write this rule. Could someone please help me out on this?
I'm also open to other suggestions. Putting the upload folder in a place not accessible to the public (but to the server) may do the trick but images are also uploaded then and then they wouldn't download. I could, again modify the behavior of the upload system myself but as it's done by MediaWiki I would prefer not to.
I have found this code (by using a .htaccess to web.config online translator) but it's not working. Maybe it's easier for you to just fix this code:
http://pastebin.com/waMJnFyK
The uploads are in subdirectories within /images like for example /images/a/ae/file.zip and I would like that when you try to open that you get redirected to a php file where as a GET input I have the file location.
Solution I took: http://pastebin.com/7skGT9uN
It redirects everything that ends in .zip within /images to download.php?fileName=whatever where the /images part is not passed.
I have a 2.5GB file that I want to allow users to download after they buy it. I originally planned on hiding the file and then just using readfile to dump the file's contents with .zip headers but my GoDaddy server apparently won't allow me to use readfile on such a large file, so I'm stuck with changing the name of this important file every hour. But if someone can just list all the files on my www folder anyway then people can take it without paying for it.
Any suggestions?
As long as you don't allow indexing of the directory then they can't obtain a file listing. To do that create a .htaccess file in the directory and add:
Options -Indexes
Alternatively, if the folder has an index page this will also prevent the server disclosing a directory listing and instead serve the index page.
if you have more than 5 gig host so use the php exec command to copy your file with another name
let say you keep your file with a unguessable name in a unguessable folder
so whenever the buyer confirm the order then you copy the file to a known folder with user-generated name, then pass the link to user
if your host is linux then use cp command if it's windows use copy
use something like cp oldname.ext newname.ext or copy oldname.ext newname.ext
after a certain time you will delete the file in the known folder
I am attempting to create a script in PHP which reads and includes all files from a directory which is above the domain name directory.
For example:
My domain name is example.com and located in /var/www/html/example.com/ and I want /var/www/html/example.com/file.php to be able to read from:
/var/www/html/videos/video1/ which contains index.html and the folders:
/var/www/html/videos/video1/images/ and /var/www/html/videos/video1/scripts/
e.g. www.example.com/file.php?dir=/var/www/html/videos/video1/index.html
If I use include (/var/www/html/videos/video1/index.html) it will only call the html file, which is done perfectly. However all the files in images folder and the scripts folders are not able to load.
I don't want to copy or call each file separately. I want to be able to only need to call index.html and then make the browser think it's in that directory and automatically read any file within there.
I know this works because Moodle uses this method (in file.php) to protect learning files by storing them in a moodledata folder which is one level above the public folder.
I've had a look but cannot make sense of it and I've searched the Internet to achieve the method I have explained above but have not had any success.
The reason I want to do this is to avoid having duplicate video files on the server for other sites that are hosted on the same server.
Many thanks in advance and for taking the time to assist.
$dir = realpath(dirname(__FILE__)."/../");
This would be the directory you are looking for. Require files relative to that.
To output a different file look at readfile which outputs straight to the buffer or perhaps use file_get_contents which can be held in a variable.
See if you can load an image in the browser directly, if you can it's probably a problem with your code, if you can't it may be a rights issue.
I would be grateful for help concerning this issue:
User clicks on a link:
the link itself has the parameter that tells which file needs to be unzipped to /unzip folder. After a file is unzipped, I would like to open the file.
How can I do this? I have the unzip part coded already.
I can suggest a following solution:
You create a folder on the server where you will unzip the files to.
You create an .htaccess file there which specifies your own php script as 404 Error handler
In your php script you parse URL and identify which file to unzip, unzip it and redirect user to the newly created file
If you need to clean the unizpped files, you can create a cronjob which will remove files older than a certain time
What you get from that is:
File transfer from server to user is handled by web server
You actually cache your work as 404 handler won't run if you have the file in place
You can significantly lower the server load as this approach reduces the amount of operations performed on server side (when file exists)
The description above assumes Apache as a web server
I've been able to upload a file through PHP to a non-hosted directory (directory is not on the website) with read/write permissions for the PHP file (www). How would I download the file from this directory? I've been able to list the contents of the directory, but clicking on the files (made the filenames links) does not work as the computer attempts to download the file from the path on the server. I'm new to PHP, so all help is appreciated. Thanks!
Edit: Before I get down votes for this being a broad question, I just want to know how to access the files in the non-hosted directory and pass them to the user. I already know how to download normal files hosted on the website. Thanks!
You can use a delegating PHP file for file access. I don't know anything about your structure, but if you can write it, you can (presumably) read it back with file_get_contents:
<?php
echo file_get_contents('/the/path/to/the/unhosted/directory/file.ext');
?>