download

@jagguyJul 01.2007

Hi,
I can force a download file with this code and it works.

I know what the switch statement does but I am unsure about the rest.
Is all this code needed for a forced download?

$file_extension = strtolower(substr(strrchr($file,”.”),1));
if ((isset($file))&&(file_exists($file)))
{
switch( $file_extension )
{
case “pdf”: $ctype=”application/pdf”; break;
case “exe”: $ctype=”application/octet-stream”; break;
…
}
header(“Pragma: public”); // required
header(“Expires: 0”);
header(“Cache-Control: must-revalidate, post-check=0, pre-check=0”);
header(“Cache-Control: private”,false); // required for certain browsers
header(“Content-type: application/force-download”);
header(‘Content-Disposition: inline; filename=”‘ .$file . ‘”‘);
header(“Content-Transfer-Encoding: Binary”);
header(“Content-length: “.filesize($file));

header(“Content-Type: $ctype”); header(‘Content-Disposition: attachment; filename=”‘ . $file . ‘”‘); readfile(“$file”);

to post a comment

PHP

12 Comments(s) _↴

@temp_user123Jul 01.2007 — #In your case, the switch statement is selecting the correct MIME type to use for the download. I have the following as a standard downloader for one of my clients:

[code=php]<?php
 $file = html_entity_decode(basename($_GET['name']));
 $path = $_SERVER['DOCUMENT_ROOT'] . '/folder/' . $file;
 $bot = (1 == preg_match('/bot.htm|googlebot|heritrix|msnbot|slurp/i', $_SERVER['HTTP_USER_AGENT']));
 if(($bot && substr($file,-4) != '.pdf')
 || !file_exists($path)):				#if bot or file does not exist
 header('HTTP/1.0 204 No Content');
 header('Status: 204 No Content;');
 else:									#otherwise...
 header('Content-Type: ' . html_entity_decode($_GET['type']) . ';');
 header('Content-Disposition: attachment; filename=' . $file . ';');
 header('Content-Length: ' .  sprintf('%u', filesize($path)) . ';');
 readfile($path);					#get it
 include 'logger.inc';				#log it
 endif;
 exit;
 ?>[/code]

EDIT: In case anybody wonders: Alternative Syntax

@jagguyauthorJul 01.2007 — #What do these 4 lines do as you haven't got them. Do I need them?

header("Pragma: public"); // required

header("Expires: 0");

header("Cache-Control: must-revalidate, post-check=0, pre-check=0");

header("Cache-Control: private",false); // required for certain browsers

@jagguyauthorJul 02.2007 — #Just a quick problem I am downloading a file from a dir and it works fine if I store the file in the same dir as the php file.

I want to download from a f'iles/filename' dir but I can't get it to work from that dir. Also having a / or slash for dir as I am using windows(don't ask) but will host it on linux which is better.

Thi code fails because of the file to download is not in current dir

$file= $_GET['file'];

$path= $_GET['path'];

$file_path=$file.'/'.$path;

 $file_extension = strtolower(substr(strrchr($file,"."),1));
   if ((isset($file))&&(file_exists($file_path)))
   {
   switch( $file_extension )
   {
   case "pdf": $ctype="application/pdf"; break;
   ..   default: $ctype="application/force-download";
   }
 
   header("Content-type: application/force-download");
   header('Content-Disposition: inline; filename="' .$file_path . '"');
   header("Content-Transfer-Encoding: Binary");
   header("Content-length: ".filesize($file));
 
   header("Content-Type: $ctype");
   header('Content-Disposition: attachment; filename="' . $file . '"');
   readfile("$file");
 
   }
   else
   echo "No file selected";

@temp_user123Jul 02.2007 — #What do these 4 lines do as you haven't got them. Do I need them?

header("Pragma: public"); // required

header("Expires: 0");

header("Cache-Control: must-revalidate, post-check=0, pre-check=0");

header("Cache-Control: private",false); // required for certain browsers[/QUOTE]
Need them? No. They have to do with controlling what the browser caches on the client side. I don't see this as a benefit when it comes to downloading a file as an HTTP attachment. Perhaps someone else might weigh-in on that.

@temp_user123Jul 02.2007 — #Just a quick problem I am downloading a file from a dir and it works fine if I store the file in the same dir as the php file.

...snip...

$file_path=$file.'/'.$path;

...snip...[/QUOTE]
Note that this is how I establish the path to my file -- which is also in a different folder than the executing code:

$path = $_SERVER['DOCUMENT_ROOT'] . '/folder/' . $file;

@MrCoderJul 02.2007 — #In your case, the switch statement is selecting the correct MIME type to use for the download. I have the following as a standard downloader for one of my clients:

[code=php]<?php
 $file = html_entity_decode(basename($_GET['name']));
 $path = $_SERVER['DOCUMENT_ROOT'] . '/folder/' . $file;
 $bot = (1 == preg_match('/bot.htm|googlebot|heritrix|msnbot|slurp/i', $_SERVER['HTTP_USER_AGENT']));
 if(($bot && substr($file,-4) != '.pdf')
 || !file_exists($path)):				#if bot or file does not exist
 header('HTTP/1.0 204 No Content');
 header('Status: 204 No Content;');
 else:									#otherwise...
 header('Content-Type: ' . html_entity_decode($_GET['type']) . ';');
 header('Content-Disposition: attachment; filename=' . $file . ';');
 header('Content-Length: ' .  sprintf('%u', filesize($path)) . ';');
 readfile($path);					#get it
 include 'logger.inc';				#log it
 endif;
 exit;
 ?>[/code]

EDIT: In case anybody wonders: Alternative Syntax[/QUOTE]

What's stopping somebody downloading your .htaccess file if it exists?

thisfile.php?type=&name=.htaccess

@temp_user123Jul 02.2007 — #It won't be in the folder I've hardcoded as the source for available download files.

@jagguyauthorJul 03.2007 — #My downloads are all in a seperate folder so unless there is another sneaky way to get at other files then all seems ok.

@jagguyauthorJul 04.2007 — #

[CODE]My downloads fail to work since i moved them into another folder.
 
 I am getting tired and cant work it out. The files exists and I get nothing in the downloaded files. They are all txt files .
 
 
 $file= $_GET['file'];
 $path= $_GET['path'];
 
 //$file_path=$path.'/'.$file;
 $file_path = $_SERVER['DOCUMENT_ROOT'] . '/school/test/files/' . $file;
 
   $file_extension = strtolower(substr(strrchr($file,"."),1));
   if ((isset($file))&&(file_exists('files/'.$file)))
   {
 
 
   switch( $file_extension )
   {
   case "pdf": $ctype="application/pdf"; break;
   case "exe": $ctype="application/octet-stream"; break;
   case "zip": $ctype="application/zip"; break;
   case "doc": $ctype="application/msword"; break;
   case "xls": $ctype="application/vnd.ms-excel"; break;
   case "ppt": $ctype="application/vnd.ms-powerpoint"; break;
   case "gif": $ctype="image/gif"; break;
   case "png": $ctype="image/png"; break;
   case "jpg": $ctype="image/jpg"; break;
   default: $ctype="application/force-download";
   }
 
   header("Content-type: application/force-download");
   header('Content-Disposition: inline; filename="' .$file_path . '"');
   header("Content-Transfer-Encoding: Binary");
   header("Content-length: ".filesize($file));
 
   header("Content-Type: $ctype");
   header('Content-Disposition: attachment; filename="' . $file . '"');
   readfile("$file");
 
   }
   else
   echo "No file selected";[/CODE]

@jagguyauthorJul 04.2007 — #This works

...

header("Content-type: application/force-download");

// header('Content-Disposition: inline; filename="' .$file_path . '"');

header("Content-Transfer-Encoding: Binary");

// header("Content-length: ".filesize($file_path));

header("Content-length: ".filesize($file_path));

 header("Content-Type: $ctype");
   //  header('Content-Disposition: attachment; filename="' . $file_path . '"');
   header('Content-Disposition: attachment; filename="' . $file . '"');
 
   // readfile("$file_path");
   readfile("$file_path");

@karthik_jscriptJul 09.2007 — #I tried opening the file using wordpad and it opens fine, thanks for your help.

@karthik_jscriptJul 09.2007 — #sorry i posted my reply in the wrong thread!

Also in #PHP _↴

POST data in <a>here</a> ???PHP Bulitin Board problem Can you help me mysql_real_escape_string vs. str_replace

Success!

Help @jagguy spread the word by sharing this article on Twitter...

Tweet This

download

12 Comments(s) _↴

Also in #PHP _↴

Success!

Social

Version

download

12 Comments(s) ↴

Also in #PHP ↴

Success!

The web is an endless sea of information. Don't miss the boat... Subscribe!

Social

Version

12 Comments(s) _↴

Also in #PHP _↴