I have seen many websites triggering a file save-as dialog on a page with existing HTML content. How do they do this?
I know about setting the right headers such as Content-disposition etc. but when I do that, the content of the page does not load, and immediately the file download is triggered...
Make a regular HTML page, then add a META refresh that redirects to a PHP script that sends the file with a Content-Disposition header.
For example:
<meta http-equiv="refresh" content="2;url=download.php">
I know a lot of them use a hidden iframe, the page that the iframe points towards is actually a file download.
Although there are better ways to do this, I'm sure.
Related
I am building a file manager with php. Every request is handled by a php script, i.e. also direct download paths will be pre-checked so I can prohibit certain downloads and also display other content.
My problem now is, any here comes stackoverflow into play, that I do not know any solution how I can prepare the download aka display the content first, then refresh the page once so I can send the file ... but without side effects.
Refreshing is not a problem of course, but no refreshing solution works so far. Refreshing by header() keeps my page from displaying any content, refreshing with or javascript works regarding the display of the content, however, downloads with e.g. wget do not work anymore.
The problem in other words is:
Due to the prior content load a valid status code will be sent, thus programs like wget or curl will not follow the refresh, so it will not download the file, only the html.
To get the actual file with curl or wget you need to send http headers, however, the 3XX redirection status codes will need a value for Location. If header('Location: ..') is sent the website will not be displayed before the refresh.
A solution is required that sending appropriate status codes is possible and the content will still be loaded prior the file distribution.
One partially solution has been found with status code 206, which does not require a location value and still works with wget. curl actually does not. so maybe a better solution is still available?
Thanks for your help!
What about the <meta> tag?
<meta http-equiv="refresh" content="5" URL="http://your-url.com/redirect/">
Write this statement after printing content and it will wait 5 seconds before redirecting
<meta http-equiv="refresh" content="5;url=http://your-url.com/redirect/" />
I wanted to serve a download of my program on special download page. Something like: http://site.com/download, where there will be a standard HTML page and also a file download prompt. I was wondering how I'd go about implementing this.
The only way I can think of is having a hidden iframe in the page pointing to the file the user wants to download. I also know of the PHP function readfile() but I don't see how I can implement that on the page aswell as have a HTML output shown to the user.
Any help is appreciated, thanks.
You can use a META redirect, which since it points to a download will not leave the page you're on.
On your HTML page, try including something like this:
<META HTTP-EQUIV="REFRESH" CONTENT="1;URL=/download/sitefile.zip">
This will browse to the file after 1 second, which should prompt the visitor to download it without leaving the page.
You can have the site http://example.com/download this can be normal html site. With redirection after few seconds (can be done in js or meta).
It should redirect to PHP site with fpassthru() function in it. That way you can easily implement additional security in the PHP.
HINT: make sure to set proper HEADERS in the PHP file so browsers will start download the file instead of showing the content in browser screen.
Is there a way I can have an Identical header on every page in my domain? I don't want the header to have to reload every time someone goes to a new page on that website. Is this possible without frames? And if not having to reload the header while going from page to page isn't possible is it possible to use PHP to prepend that header onto the document?
Is there a way I can have an Identical header on every page in my domain?
Use a templating system (or an include)
I don't want the header to have to reload every time someone goes to a new page on that website.
Then you have to use frames. It isn't worth it. It is only a small amount of HTML (which should use HTTP compression to make it even smaller) and any images can be cached.
And if not having to reload the header while going from page to page isn't possible is it possible to use PHP to prepend that header onto the document?
include
If you really care about your header not being reloaded, despite David's (excellent) answer, you could always populate your body using jQuery and AJAX requests.
I have a php page . I need to make it hard for user to get direct download link.For this i need a js function which start downloading pdf after 10sec automatically after page load. I dont want to provide a download link at all. Also I cant use onpageload . PDF must download.
Since most of the browsers will tell you where the downloaded file came from, i think you may want to mask the file itself behind a 'temporary' link with mod_rewrite or other custom parameters. You don't need to use JavaScript for this.
After then you can simply push the file with PHP similarly like this solution.
There is absolutely no way to hide a URL from an end user - All they need to do is use Fiddler 2, Firebug or similar tools to view the requested URL
Have your download page redirect to the PHP file that will download it. If it can download it, it will redirect the user back to the previous page, because the download doesn't have the right content type, although it could be just a plain .html file. You don't need Javascript to do this:
<meta http-equiv="refresh" content="10;url=http://mysite/d.php?file=resume">
I recommend the Smart File Download, from zubrag.com, if you don't already have a PHP file specifically for downloading.
I'm trying to explain as best as I can, sorry for my English.
I have a list of links, each linked to a php file with an id by parameters (ex. download.php?id=1 or ?id=2 and so on).
This file create a new instance of a class witch return the correct header of the files so it displays the save dialog box of the browser.
Now I need to check if the files is already downloaded in past (The first time you downloaded it I add a field on the mysql db).
This checks go ahead if you haven't download the files, else return false.
Here is the problem, when it returns false or something else the browser redirect me to the download.php file, so I get a blank page or what I'm echoing.
I need that if the file is already download it show me a js alert for advice ppl.
Hope you can understand what i mean.
Thanks for help
Technically you can without ajax, the download.php can output the following if the user has already downloaded the file:
<script>
alert('It was false - you already have the file!');
window.back();
</script>
Just depends how well it integrates with your site. Not tested but thats the general idea.
it's too late to show a js alert in that case, you'd need to do something like ajax to check whether the file has been downloaded, and then show the alert or start downloading the file then.
once your web browser has started loading a new url (eg download.php) then it is too late, you are already navigating away from the current page.
So you've got a page that looks like:
1. file1
2. file2
3. file3
and they've got links to the download script on each. If you want to prevent multiple downloads, you do it in two places. Here on the main file list page, and on the download.php page. When the user clicks on one of the files, you have an onclick handler remove the link from the clicked file. This can be done by refreshing this page (and simply not adding the download link when the page is generated), or using some DOM manipulation to remove the tag around the filename.
The download page will also do checks if the file's been sent previous and can handle that condition itself.
Doing so in both places will degrade nicely if for whatever reason the client doesn't have Javascript enabled.
You need to handle it in two places for the best behavior.
Determine if the user can download the file when you generate the download page, and don't create links for files that can't be downloaded.
To handle the case of someone having multiple windows open or otherwise downloading a file without reloading the downloads page, check if the user can download the file in download.php before sending any headers. If he can't, send a redirect back to the download page:
header("Location: downloads.php?error=repeat_download");
exit;
…and use the error parameter to include a message at the top of the file list explaining what happened.