I'm building a script that will save an image from the web to the user's computer. This is what I've learned, so far:
$url = 'http://example.com/my-image.jpg';
$img = '/my/folder/my-image.jpg';
file_put_contents($img, file_get_contents($url));
Is this the right way to do this? If so, how would I get the path to, say, the downloads folder, in the user's machine?
You can't. The Downloads folder is a browser-specific location that only the user has control of. The file will download to the folder that is specified by the user.
Use readfile along with header to force a Save As... dialog to appear.
<?php
header('Content-disposition: attachment; filename=image.jpg');
header('Content-type: image/jpeg');
readfile('/server/path/to/image.jpg');
?>
If so, how would I get the path to, say, the downloads folder, in the user's machine?
You can't store contents on the user's computer this way, only on your local server.
You need to serve the file as a download, which the user can then "Save as..." in their browser.
Related
When I create a TXT file with fputs(), usually it goes into the "downloads" directory, set in the browser settings. The question is how do I get the directory path of the downloaded file.
$archivo="customers.txt";
$file = fopen($archivo,"wb");
fputs($file,$contenido);
fclose($file);
header('Content-type: text/csv; charset=ansi');
header("Content-disposition: attachment; filename=$archivo");
print $contenido;
Simply put, the server is never allowed to know because the browser will never report it back. Doing so could lead to the browser leaking private information about the user without that user's consent.
Additionally, the server cannot force a user to save a file to a specific location. Again, this is for security reasons. Otherwise a server could force you to save a file to your computer's startup location.
I made an upload form and stored files in (root) '../upload_file' folder
the problem is how authorized (logged in) user only can download that uploaded files? because browser cant handle root url like: www.web.com/../upload_file/test.pdf
please Im newbie
thanks :D
Ok, I want make this clear. Actualy my question is similar to: How to go about protecting files from unauthorized downloads
where is unsolved
You need to create a php script that will authenticate the user and then output the contents of the uploaded file in the php script. Make sure you do not echo anything out before setting the headers of the output file. There should be code somewhere on how to load the contents of a file into a variable.
$fileContents = file_get_contents("test.pdf");
header("Cache-Control: public, must-revalidate");
header("content-disposition: attachment; filename=test.pdf");
header("content-type: application/pdf");
header("content-length: " . strlen($fileContents));
//output file contents
echo $fileContents;
The users should never have access directly to the upload folder.
Access control depends on your server operating system and server, like Windows Server(IIS) or Linux(Apache, Ngix)...
The best way to protect the files from being visted from URL is to set the upload path outside your webroot.And the file will be only accessiable by your server.
UPDATE: how to access files by user
Create a php file named readpdf.php.
header("Content-type:application/pdf");
//if you just want to show the file on broswer, delete the line below
header("Content-Disposition:attachment;filename='downloaded.pdf'");
readfile("progit.pdf");
Read the file by visiting http://localhost/readpdf.php
I have a call to a web service that gives me a response back in the format of a base64 encoded pdf file. I need to save the pdf to a folder on the server.
I can't get the document saved in the folder. It always saves the file locally on the computer and not to the server.
Here is the code i have at this moment.
header('Content-type: application/pdf');
header('Content-Disposition: attachment; filename="doc-'.$document.'.pdf"');
file_put_contents('~/pdf/'.$document.'.pdf', $wc->out->document);
Does someone have a suggestion where i can find the solution?
thx
Headers are for serving data to the client - you don't need these. Just use file_put_contents
As for the file save location, you know that will save into a folder within the user profile? If you want the current folder, use . instead of ~.
I am having trouble getting the browser to prompt the user to save an image with the correct name.
My web root directory is /var/www/html
I have an image (.jpg) in /var/www/client/image.jpg
These two things cannot be changed for a number of reasons
I have a file, dImage.php, in /var/www/html where I am doing the following to get the browser to download, not view the file.
$fileName = '/var/www/client/image.jpg';
header('Content-disposition: attachment; filename="' . $fileName . '"');
header('Content-type: image/jpeg');
readfile($fullpath);
In IE I get prompted to download dImage.jpg
In Firefox I get prompted to download dImage.php which is a: JPEG Image. When I download the file there it's saved as a .php file which, once the extension is changed, opens aproperly as an image.
Is it possible for me to have the browser prompt the user to save the file as image.jpg regardless of the browser being used?
The code you have shown will produce a file with a name of '/var/www/client/image.jpg' which is obviously not a valid file name, which is why your file gets named after the script.
$fileName is the desired name of the output file,
$fullpath should be the absolute path to the desired file, php's relative paths do not work like HTML's paths do. '/' will not point you to the document root folder.
hy guys,
i really need your help. i've succesfully connected to ftp server via php.
i'm listing all files that are on the server. if i click a file the browser should prompt a download window to download the file.
i've absolutely no idea how to do that. which method am i going to use. ftp_get kind of confuses me. it says i have to declare a local_file as well. i just want a file on the server to download to my harddrive.
how can i do that?
regards matt
The remote file has to first be downloaded to your server before you can send it to the user. It's invisible to the user, but you don't have a choice. PHP won't let the browser talk directly to the FTP server.
Create a separate php script that calls ftp_get for a specific file, stores it temporarily to your server to allow the user to download it.
Something like:
<?php
//assume the page was called like download.php?filename=downloaded.pdf
header('Content-Disposition: attachment; filename="'.$_GET['filename'].'"');
$tempFile = 'temp'.rand();
ftp_get($ftp, $tempFile, $_GET['filename'], FTP_BINARY);
readfile($tempFile);
You may add code to delete the tempFile too.
If you provide a link to a file that can't be read by the browser (such as a php file, audio, video, etc.) it will ask you to download the file.
The other way is to use PHP headers on a page and print out the page, and link to that page. http://www.ryboe.com/tutorials/php-headers-force-download