I'm looking for a way to open encrypted files that are stored on a server. I'm using mcrypt to encrypt the files.
I was initially going to create a class that would open the file, decrypt it, write it to a new location, then open that. But I have convinced myself there is a better way (I just don't know what it is). It seems like there should be a way to stream it (?) to the browser once it's decrypted.
The initial setup would just link to the file location and the browser would take over (e.g. .pdf files would bring up a dialogue offering to open or save the file). If possible, I'd like it to do the same after decoding.
Pointers? Advice? Bueller?
Thanks!
edit:
This is what is working for now:
function decryptFile($path){
$folder=BASE_PATH.$path.'/'.$this->uri->segment(4);
if(!file_exists($folder.'/tmp')){
mkdir($folder.'/tmp', 0700);
chmod($folder.'/tmp', 0700);
}
$tmpfn=BASE_PATH.$path.'/'.$this->uri->segment(4).'/tmp/'.$this->uri->segment(5);
$p=BASE_PATH.$path.'/'.$this->uri->segment(4).'/'.$this->uri->segment(5);
$pc=file_get_contents($p) or die ('no gfc');
$pcue=$this->encrypt->decode($pc,$this->e_key) or die ('no decode');
$pp=fopen($tmpfn,"w") or die ('no fopen'.$tmpfn);
fwrite($pp,$pcue) or die ('no write');
fclose($pp);
if (file_exists($tmpfn)) {
header('Content-Description: File Transfer');
header('Content-Type: application/octet-stream');
header('Content-Disposition: attachment; filename='.basename($tmpfn));
header('Content-Transfer-Encoding: binary');
header('Expires: 0');
header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
header('Pragma: public');
header('Content-Length: ' . filesize($tmpfn));
ob_clean();
flush();
readfile($tmpfn);
unlink($tmpfn);
exit;
}
}
But another side effect of doing it this way (I guess) is that now instead of getting an open or save dialogue, the only option is to save the file. I'd rather have the option if possible.
edit - final code:
function decryptFile(){
extract($_POST);
$folder = $this->uri->segment(3);
$clientFolder = $this->uri->segment(4);
$fileName = $this->uri->segment(5);
$filePath=BASE_PATH.$folder.'/'.$clientFolder.'/'.$fileName;
$fileContents=file_get_contents($filePath) or die ('Could not get file contents.');
$ue_fileContents=$this->encrypt->decode($pc,$this->e_key) or die ('Could not decode.');
header('Content-Description: File Transfer');
header('Content-Type: '.$type);
header('Content-Transfer-Encoding: binary');
header('Expires: 0');
header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
header('Pragma: public');
header('Content-Length: ' . strlen($ue_fileContents));
echo $ue_fileContents;
exit;
}
Why do you have to write to a temporary file? You can simply do something like this,
function decryptFile($path){
$folder=BASE_PATH.$path.'/'.$this->uri->segment(4);
$tmpfn=BASE_PATH.$path.'/'.$this->uri->segment(4).'/tmp/'.$this->uri->segment(5);
$p=BASE_PATH.$path.'/'.$this->uri->segment(4).'/'.$this->uri->segment(5);
$pc=file_get_contents($p) or die ('no gfc');
$pcue=$this->encrypt->decode($pc,$this->e_key) or die ('no decde');
header('Content-Description: File Transfer');
header('Content-Type: application/octet-stream');
header('Content-Disposition: attachment; filename='.basename($tmpfn));
header('Content-Transfer-Encoding: binary');
header('Expires: 0');
header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
header('Pragma: public');
header('Content-Length: ' . strlen($pcue));
echo $pcue;
exit;
}
But another side effect of doing it this way (I guess) is that now instead of getting an open or save dialogue, the only option is to save the file. I'd rather have the option if possible
Try to replace
header('Content-Type: application/octet-stream');
with the actual type of the file. For instance, if it's a PDF:
header('Content-type: application/pdf');
You may also want to drop the line:
header('Content-Disposition: attachment; filename='.basename($tmpfn));
so that no dialog is shown by the browser.
Related
I want to comment for this post "link" , but my reputation is lower tan 50, so I have to ask nearly the same question again.
I get the following error message from unzip (after downloading it from my website).
End-of-central-directory signature not found. Either this file is not
a zipfile, or it constitutes one disk of a multi-part archive. In the
latter case the central directory and zipfile comment will be found on
the last disk(s) of this archive. unzip: cannot find zipfile directory
in one of foo.zip or foo.zip.zip, and cannot find foo.zip.ZIP, period.
On my lampp server (testsetup) (at /opt/lampp/myprojects/tmp/foo.zip) unzip works perfect ( no error messages).
I am using this code:
$filename = 'foo.zip';
$path = '/opt/lampp/myprojects/tmp/foo.zip';
if(!file_exists($path))
{
die('Error: file not found');
}
else {
$handle = fopen($path, "r");
header('Content-Description: File Transfer');
header('Content-Type: application/zip');
header('Content-Disposition: attachment; filename='.$filename);
header('Content-Transfer-Encoding: binary');
header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
header('Expires: 0');
header('Pragma: public');
header('Content-Length: ' . filesize($path));
flush();
readfile($path);
fclose($handle);
Can anybody see my mistake and help me to solve this problems? I am trying to fix it for about 5h but I am not able to solve the problem.
Use the following to send your ZIP file to the user/browser. No reason to open it first.
ob_end_clean();
$FileBytes = filesize($temp_file);
header('Content-Type: application/zip');
header('Content-Disposition: attachment; filename="WhateverYourFileNameIs.zip"');
header('Content-Length: ' . $FileBytes);
readfile($temp_file);
<?php
$filename = 'foo.zip';
$path = '/tmp/foo.zip';
if(!file_exists($path)) {
die('Error: file not found');
}
header('Content-Description: File Transfer');
header('Content-Type: application/zip');
header('Content-Disposition: attachment; filename='.$filename);
header('Content-Transfer-Encoding: binary');
header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
header('Expires: 0');
header('Pragma: public');
header('Content-Length: ' . filesize($path));
readfile($path);
I want to offer a PNG image to download only for some users, and the image should not be located anywhere, so the users should not see it's path.
That's why I inserted it to the download.php as a base64 image. The problem is, however the image is offered for download, but it shows 0 B size when downloaded.
$base64strImg = 'data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAxoAAARjCAIAAABnqMWCAAAACXBIWXM...';
header('Content-Description: File Transfer');
header('Content-Type: application/octet-stream');
header('Content-Disposition: attachment; filename=myimage.png');
header('Content-Transfer-Encoding: binary');
header('Expires: 0');
header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
header('Pragma: public');
ob_clean();
flush();
readfile(base64_decode($base64strImg));
exit;
Not sure where is the problem, if it can't handle big image or why it can't be downloaded.
I also tried this way:
header('Content-Disposition: attachment;filename="test.png"');
header('Content-Type: application/force-download');
echo base64_decode($base64strImg);
Now the image has correct size, but still, can't be opened after download. The image viewer says unsupported format.
And third option - without decoding, it also has a correct size, but still can't be opened.
header('Content-Description: File Transfer');
header('Content-Type: image/png');
header('Content-Disposition: attachment; filename=test.png');
header('Content-Transfer-Encoding: binary');
header('Expires: 0');
header('Cache-Control: must-revalidate');
header('Pragma: public');
header('Content-Length: ' . strlen($base64strImg));
ob_clean();
flush();
echo $base64strImg;
exit;
According to advice from #Lawrence I updated my code and this way it works:
$resultimg = str_replace("data:image/png;base64,","",$base64strImg);
header('Content-Disposition: attachment;filename="test.png"');
header('Content-Type: image/png');
echo base64_decode($resultimg);
you don't have to do all that you can just upload image and restrict access to it by htaccess or permissions and use readfile with the headers in download.php and check if the user has the permission to download the file .
I have a piece of code that works well on many servers.
It is used to download a file through the readfile php function.
But in one particular server it does not work for files bigger than 25mb.
Here is the code :
$sysfile = '/var/www/html/myfile';
if(file_exists($sysfile)) {
header('Content-Description: File Transfer');
header('Content-Type: application/octet-stream');
header('Content-Disposition: attachment; filename="mytitle"');
header('Content-Transfer-Encoding: binary');
header('Expires: 0');
header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
header('Pragma: public');
header('Content-Length: ' . filesize($sysfile));
ob_clean();
flush();
readfile($sysfile);
exit();
When I try to download a file lower than 25mb there is no problem, when the file is bigger, the file downloaded is 0 bytes.
I've tried with the function read() and file_get_contents but the problem still present.
My php version is 5.5.3, memory limit is set to 80MB.
Error reporting is on but there is no error displayed even in log file.
Here is the complete solution thanks to the answer of witzawitz:
I needed to use ob_end_flush() and fread();
<?php
$sysfile = '/var/www/html/myfile';
if(file_exists($sysfile)) {
header('Content-Description: File Transfer');
header('Content-Type: application/octet-stream');
header('Content-Disposition: attachment; filename="mytitle"');
header('Content-Transfer-Encoding: binary');
header('Expires: 0');
header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
header('Pragma: public');
header('Content-Length: ' . filesize($sysfile));
ob_clean();
ob_end_flush();
$handle = fopen($sysfile, "rb");
while (!feof($handle)) {
echo fread($handle, 1000);
}
}
?>
I've the same problem recently. I've experimented with different headers and other.
The solution that works for me.
header("Content-Disposition: attachment; filename=export.zip");
header("Content-Length: " . filesize($file));
ob_clean();
ob_end_flush();
readfile($file);
So try to change flush to ob_end_flush.
I need make xlsx file download from my site (but not from directly open file url like this: http://site.com/file.xlsx )
So, this is php code
$file = "somefile.xlsx";
header('Content-Description: File Transfer');
header('Content-Type: application/vnd.openxmlformats-officedocument.spreadsheetml.sheet');
header('Content-Disposition: attachment; filename='.basename($file));
header('Content-Transfer-Encoding: binary');
header('Expires: 0');
header('Cache-Control: must-revalidate');
header('Pragma: public');
header('Content-Length: ' . filesize($file));
ob_clean();
flush();
readfile($file);
file is downloaded, his extension is .xlsx, but when trying open this file in ms excel, file not opened and I got error : excel cannot open the file.xlsx because the file format or file extension is not valid
Tell please, why this happened? where I am wrong?
After many years, I got same problem, and after searching, I got here again ))
This is solution, that worked for me:
$file = "somefile.xlsx";
// define file $mime type here
ob_end_clean(); // this is solution
header('Content-Description: File Transfer');
header('Content-Type: ' . $mime);
header("Content-Transfer-Encoding: Binary");
header("Content-disposition: attachment; filename=\"" . basename($file) . "\"");
header('Content-Transfer-Encoding: binary');
header('Expires: 0');
header('Cache-Control: must-revalidate');
header('Pragma: public');
readfile($file);
You must be using this code in middle of some other file.
The problem with headers is they need to be set first on a page. They will not work if you have even 1 single space echoing before them. So you need to ob_clean() [clean the buffer] before you are setting headers
Try
ob_clean();
flush();
$file = "somefile.xlsx";
header('Content-Description: File Transfer');
header('Content-Type: application/vnd.openxmlformats-officedocument.spreadsheetml.sheet');
header('Content-Disposition: attachment; filename='.basename($file));
header('Content-Transfer-Encoding: binary');
header('Expires: 0');
header('Cache-Control: must-revalidate');
header('Pragma: public');
header('Content-Length: ' . filesize($file));
readfile($file);
Remove:
ob_clean();
flush();
Add at the end of code:
exit();
The issue is that flush() will also throw in your *.xlsx file content some garbage it has in it and that will corupt your file, even if you use ob_clean();
For a better understanding go to php.net and read the difference between flush(), ob_flush() and find that you didn't even need them in the first case. Therefore you won't need the ob_clean() too.
This works for me:
header('Content-Description: File Transfer');
header("Content-Type: application/vnd.openxmlformats-officedocument.spreadsheetml.sheet");
header("Content-Disposition: attachment; filename=\"".basename($fileLocation)."\"");
header("Content-Transfer-Encoding: binary");
header("Expires: 0");
header("Pragma: public");
header("Cache-Control: must-revalidate, post-check=0, pre-check=0");
header('Content-Length: ' . filesize($fileLocation)); //Remove
ob_clean();
flush();
readfile($fileLocation);
what could be a problem of that, file int the server is good, but after I press download it get corrupted...
<?php
if (isset($_POST['submit'])) {
header('Content-type: application/vnd.openxmlformats-officedocument.wordprocessingml.document');
header('Content-Disposition: attachment; filename="ataskaita.docx"');
readfile('../generavimui/ataskaita.docx');
}
?>
Look into the file using notepad or a hex editor. There probably is a PHP error message in there.
Possible reasons include
The file you are looking for doesn't exist
$_POST['submit'] is not set
try ereasing the output buffer before reading the file
if (isset($_POST['submit'])) {
header('Content-type: application/vnd.openxmlformats-officedocument.wordprocessingml.document');
header('Content-Disposition: attachment; filename="ataskaita.docx"');
ob_clean();
flush();
readfile('../generavimui/ataskaita.docx');
}
I had the same problem that you are having, except I had some additional problems, such as trailing source code being included in the downloaded file.
To fix it, replace your code with this:
header('Content-Description: File Transfer');
header('Content-type: application/vnd.openxmlformats-officedocument.wordprocessingml.document');
header('Content-Disposition: attachment; filename="ataskaita.docx"');
header('Content-Transfer-Encoding: binary');
header('Expires: 0');
header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
header('Pragma: public');
header('Content-Length: ' . filesize($file));
Source Site
Hope this helps