challenge: force download of a remote file and without readfile()

[upuaut]

Hi All,
I'm new to php. Convinced of its performance advantage over perl, I decided to use it for my client's project.

Background: the client outsourced the entire project to run on our website, with the media files hosted on other servers (initially one, potentially many if bandwidth demand dictates)

on our website: the html pages, database storage, application code (php)

What it is: the client offers DRM protected media files (copyrighted songs and lectures) for download. We are to track usage and dynamically generate download links for the media files from one/many servers publically available. We are not interested in protecting the paths to the download media files, and actually encourage direct links to downloads.

the challenge: the files are in WMA/WMV format. When a user clicks on a link, they are to be prompted to save the file via "save/save as" dialog box, ie, force download , where the user gets prompted to the save dialog box in IE and firefox (and hopefully all browsers). Windows Media Player should not handle the download request.

My findings: I could use the header() function and set content-type to application/unknown, among setting other header info. And I'd need to use the readfile().

the questions:
1- Say the client's server's pipe throughput is 6Mbps, and our server (where code is running), is a max of 1.5Mbps. Would that mean that the max speed a user gets when downloading is 1.5? ie, would our server be a bottleneck?

2- Technically, when readfile() is executed on our server, is it actually reading the remote file then piping the data to the end user?, ie, the file goes through like this remote_server -> our_server -> user's browser? My guess is yes, but would like to confirm with gurus.

3- Is there a way in php to simply serve the proper headers (to force download), then connect the user's browser to the download link (a public file) and leave the rest to http?

What is not an option: we wouldn't consider compressing the files to zip format to work around the force download issue.

Thanking you in advance.

[redarrow]

bandwidth ansaw, yes your bandwidth is very slow and the upoad speed will be even slower as that the bandwidth the user will be using to get the file.

Your best bet is to use a force header code or use a direct link.

personaly i would consider a compression program and have users download them via a zip.

good luck.

[upuaut]

Is it possible to force header in conjunction with a direct link? (as I described in question 3)?

thanks.

[akitchin]

1.  if you're running the forced download from a PHP page on your server, you do become the bottleneck as PHP reads the file from the remote server and spits out the contents through yours.  if you seat the PHP page on the resource server, you can avoid this, but it's probably easier to do this the way you're setting it up.

2.  yes (see above).

3.  i'm not too sure what you mean by header in conjunction with a direct link.  do you mean to ask whether you can give a certain file a static link, and have the user always receive the forced download?  if so, you're partly out of luck; you need link to the PHP page which dictates the headers in order to force a download.  that is, unless you can enable mod_rewrite on the receiving server.  if you can do this, you can perhaps organize a rewrite that turns something like:

[code]/yourserver/filename.wmv[/code]

into:

[code]/yourserver/download_app.php?file=filename.wmv[/code]

unfortunately, this will not give you a "save target as" ability.  were someone to post this link on their page and tell users to "save target as," they're a little outta luck.

i guess in summary, you're forced to link to a PHP page in the end if you wish to use it to track or force a download.  there are little things you can do to make it "prettier," but there's no way to directly link the user to the file itself and have PHP do its work in the background.

i may be misunderstanding what you're asking - if so, feel free to set me on the right track.

[upuaut]

thanks for the reply.

what i mean by question 3 (header in conjunction with a direct link) is the following:  the script figures which server to use for the download (this part works). then, to force download, the script does something like this:

$file = "http://remote-server1.com/file1.wma"; // this script runs on this-server.com/blah
header("Pragma: public");
header("Expires: 0");
header("Cache-Control: must-revalidate, post-check=0, pre-check=0");

header("Content-Type: application/force-download");
// or header("Content-Type: application/unknown"); ???????
header( "Content-Disposition: attachment; filename=".basename($file));

header( "Content-Description: File Transfer");
// @readfile($file); is no good here since $file is on another machine/server publicly available via http.
SERVE_FILE($FILE) // the script now hands control to http protocol or some such and its job is done.

I hope this helps elaborate what I'm trying to achieve.

thanks in advance.