Hey, Firstly I apologise for just signing up and posting a help me message!!! I have a download script which instead of doing the usual http://www.site.com?file=blah.jpg, does the ID of the image (http://www.site.com?fid=112) Then a query passes the filename to the headers for download... The file IS being found, but instead of prompting the user to download, its just opening it in the browser... when i say opening in the browser what I mean is; if you were to open a jpg in notepad to see all the symbols and crud... this is how its looking.. <?php // Connects to your Database mysql_connect("","","") or die(mysql_error()); mysql_select_db(""); $filed = mysql_query("SELECT * FROM `FM_Files` WHERE `FM_Files`.`FID` = '".$_GET['File']."'") or die(mysql_error()); ?> <?php while($filed2 = mysql_fetch_array( $filed )) { $filename = $filed2['F_Path']; } ?> <?PHP // required for IE, otherwise Content-disposition is ignored if(ini_get('zlib.output_compression')) ini_set('zlib.output_compression', 'Off'); // File Download Script // by James Warkentin // This script is provided without warrenty of any kind, nor may the author be held liable for // for any problems which arise as a result of the use of this script. // Modify this line to indicate the location of the files you want people to be able to download // This path must not contain a trailing slash. ie. /temp/files/download $download_path = $_SERVER['DOCUMENT_ROOT'] . "/fatmatt/Images/files"; Print $download_path; /* ###################################################################################*/ /* DO NOT MODIFY THE SCRIPT BEYOND THIS POINT */ /* ###################################################################################*/ // Detect missing filename if(!$filename) die("I'm sorry, you must specify a file name to download."); // Make sure we can't download files above the current directory location. if(eregi("\.\.", $filename)) die("I'm sorry, you may not download that file."); $file = str_replace("..", "", $filename); // Make sure we can't download .ht control files. if(eregi("\.ht.+", $filename)) die("I'm sorry, you may not download that file."); // Combine the download path and the filename to create the full path to the file. $file = "$download_path/$file"; // Test to ensure that the file exists. if(!file_exists($file)) die("I'm sorry, the file doesn't seem to exist."); // Extract the type of file which will be sent to the browser as a header $type = filetype($file); // Get a date and timestamp $today = date("F j, Y, g:i a"); $time = time(); // Send file headers header('Content-Description: File Transfer'); header("Content-type: $type"); header( "Content-Type: application/octet-stream" ); header("Content-Disposition: attachment; filename=\"filename\";"); header ("Cache-Control: must-revalidate, post-check=0, pre-check=0"); header('Pragma: no-cache'); header("Content-Transfer-Encoding: binary"); header('Expires: 0'); // Send the file contents. readfile($file); ?> Can anyone please tell me where I am going wrong? I have tried about 100 of these scripts and headers now.. its driving me insane!!! Many thanks, Mark.