Jump to content

Hiding where your downloading the file from


_OwNeD.YoU_

Recommended Posts

Well, the actual solution will depend upon "how" you want to access the files. Are the file names/paths stored in a database and you will pass an ID to find the file details int he database. Or perhaps you will simply pass the file name without the path to the file so the user can't directly link to the file.

 

Here's an example

//Get the file name and path in some manner
//e.g. pass an id ot name to the page such as
//http://www.mydomain.com/showpdf.php?id=4
//Generate a variable with the full path and name to the file on the server
$filename = "/pdffiles/mypdf.pdf";

if (file_exists ($filename))
{
    header("Cache-Control: public"); 
    header("Content-Description: File Transfer"); 
    header("Content-Type: application/pdf"); 
    header("Content-Transfer-Encoding: binary"); 
    header('Content-Length: '. filesize($filename)); 
    readfile($filename); 
}
else
{
    echo "File not found";
}

Link to comment
Share on other sites

I use this script, it allows me to link a file by eithor

http://www.someo ne-else-s erver.com/file.exe

or

/my/servers/document/root/file.exe or .pdf or w/e you want.

 

Info:

$file = the files location so eithor http://.. or /document/root/...

$name is the output name you want it to have.

<?php
function output_file($file, $name, $mime_type='') {
 /*
 This function takes a path to a file to output ($file), 
 the filename that the browser will see ($name) and 
 	 the MIME type of the file ($mime_type, optional).

 If you want to do something on download abort/finish,
 register_shutdown_function('function_name');
 */
 //echo "<br><br>file: $file <br>name: $name <br> mime: $mime_type<br><br>";
 //if(!is_readable($file)) die('File not found or inaccessible!');

 $size = filesize($file);
 $name = rawurldecode($name);

 /* Figure out the MIME type (if not specified) */
 $known_mime_types=array(
	"pdf" => "application/pdf",
	"txt" => "text/plain",
	"html" => "text/html",
	"htm" => "text/html",
	"exe" => "application/octet-stream",
	"zip" => "application/zip",
	"doc" => "application/msword",
	"xls" => "application/vnd.ms-excel",
	"ppt" => "application/vnd.ms-powerpoint",
	"gif" => "image/gif",
	"png" => "image/png",
	"jpeg"=> "image/jpg",
	"jpg" =>  "image/jpg",
	"php" => "text/plain",
	"rtf" => "application/msword"
 );

 if($mime_type==''){
	 $file_extension = strtolower(substr(strrchr($file,"."),1));
	 if(array_key_exists($file_extension, $known_mime_types)){
		$mime_type=$known_mime_types[$file_extension];
	 } else {
		$mime_type="application/force-download";
	 };
 };

 @ob_end_clean(); //turn off output buffering to decrease cpu usage

 // required for IE, otherwise Content-Disposition may be ignored
 if(ini_get('zlib.output_compression'))
  ini_set('zlib.output_compression', 'Off');

 header('Content-Type: ' . $mime_type);
 header('Content-Disposition: attachment; filename="'.$name.'"');
 header("Content-Transfer-Encoding: binary");
 header('Accept-Ranges: bytes');

 /* The three lines below basically make the 
	download non-cacheable */
 header("Cache-control: private");
 header('Pragma: private');
 header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");

 // multipart-download and download resuming support
 if(isset($_SERVER['HTTP_RANGE']))
 {
	list($a, $range) = explode("=",$_SERVER['HTTP_RANGE'],2);
	list($range) = explode(",",$range,2);
	list($range, $range_end) = explode("-", $range);
	$range=intval($range);
	if(!$range_end) {
		$range_end=$size-1;
	} else {
		$range_end=intval($range_end);
	}

	$new_length = $range_end-$range+1;
	header("HTTP/1.1 206 Partial Content");
	header("Content-Length: $new_length");
	header("Content-Range: bytes $range-$range_end/$size");
 } else {
	$new_length=$size;
	header("Content-Length: ".$size);
 }

 /* output the file itself */
 $chunksize = 1*(1024*1024); //you may want to change this
 $bytes_send = 0;
 if ($file = fopen($file, 'r'))
 {
	if(isset($_SERVER['HTTP_RANGE']))
	fseek($file, $range);

	while(!feof($file) && 
		(!connection_aborted()) && 
		($bytes_send<$new_length)
		  )
	{
		$buffer = fread($file, $chunksize);
		print($buffer); //echo($buffer); // is also possible
		flush();
		$bytes_send += strlen($buffer);
	}
 fclose($file);
 } else die('Error - can not open file.');

die();
}
?>

Link to comment
Share on other sites

Note iarp's script will provide a dialog to Open/Save/Cancel the file instead of attempting to directly open the file (as requested by the OP).

 

That script can be used to attempt to open the file automatically by commenting out this line:

header('Content-Disposition: attachment; filename="'.$name.'"')

Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.