[UPHPU] RE: PHP indirect download

David Smith davidsmith at byu.net
Wed Feb 4 07:37:54 MST 2004 

I also recommend that you create a symlink
   ln -s download.php download

Then add a line to the .htaccess file in the same directory, which 
forces PHP to interpret that download symlink:
  <Files "download">
        ForceType application/x-httpd-php
  </Files>

Instead of passing the file name like this: "download?myfile.txt", make 
it look like a directory:
  http://example.com/download/myfile.txt
Instead of:
  http://example.com/download.php?myfile.txt

Then, use the $_SERVER['PATH_INFO'] variable in download.php to get the 
filename. This makes it quite transparent to the end-user and obeys Tim 
Berners-Lee's rule that "cool URLs don't change".

Good luck!

--Dave

Jonathan Gale wrote:

> Kenneth,
>
> It's a pretty trivial task to have a PHP script serve up a file from 
> another (non HTTP accessible location).  Something like this would work:
>
> <?php
> $filepath = '/path/to/files';
> $file = $_GET['file'];
> Header('Content-type: application/octet-stream');
> readfile("$filepath/$file");
> ?>
>
> The trick however is sending the correct headers so the download works 
> correctly in all browsers.
>
> This header set will generally work:
>
> header("Pragma: public");
> header("Expires: 0");
> header("Cache-Control: must-revalidate, post-check=0, pre-check=0");
> header("Content-Type: application/force-download");
> header("Content-Type: application/octet-stream");
> header("Content-Type: application/download");
> header("Content-Disposition: attachment; 
> filename=".basename($filename).";");
> header("Content-Transfer-Encoding: binary");
> header("Content-Length: ".filesize($filename));
>
> Some good reference URLs:
>
> http://us4.php.net/manual/sv/function.readfile.php
> http://us4.php.net/manual/sv/function.fpassthru.php
>
> Good luck.
>
> Jon
>
> Kenneth Burgener wrote:
>
>> I would like to make it so that users do not have a link to directly 
>> access a downloadable file.  I want the script to push the file.  I 
>> see websites doing this all the time.  Any suggestions?
>>
>> Normal download:
>> http://mydomain.com/file.zip
>>
>> What they look like:
>> http://mydomain.com/download.php?file=QWERASDFASDFASDF
>>
>> Thanks in advance.
>

More information about the UPHPU mailing list