Jump to content

Archived

This topic is now archived and is closed to further replies.

freenity

downloading file

Recommended Posts

Hi.
I need to make a webpage that when user enters, clicks the download link and the file downloads. BUT the link shouldnt be the direct link to the file. The user must not see the direct link to the file. I thought doing this with the use of header() but its not possible to send it in the middle of script. How could I do this? You know I want to do somethink like in download.com that you click to download a file and you re redirected to another webpage and file is downloaded. Thanks for ahy help

Share this post


Link to post
Share on other sites
http://www.onlamp.com/pub/a/php/2002/12/05/one_time_URLs.html

You should be able to tweak that and get it to work for your uses

Share this post


Link to post
Share on other sites
I done this for you to test it works grate.

1 make the files as below.

2. make also a file called test.txt.

3. put all the 3 files in a directory of testdownload.


this code will let you download 5 files from the index.php page and not show where the files come from but if a user did find the page where the files come from the user can not get the files as the $_GET will valadate if the link is pressed ok.

any file type can be used as the download.php is forcing the file to the user ok.

good luck.

index.php
[code]
<html>
<title>download me</title>
<body>
<table align="center">
<td>
Please download our free 5 files!
<br><br>
<a href="download.php?cmd=download1">download file 1</a>
<br><br>
<a href="download.php?cmd=download2">download file 2</a>
<br><br>
<a href="download.php?cmd=download3">download file 3</a>
<br><br>
<a href="download.php?cmd=download4">download file 4</a>
<br><br>
<a href="download.php?cmd=download2">download file 5</a>
<td>
</table>
</html>
</body>
[/code]




download.php
[code]

<?php

if($_GET['cmd']=="download1"){

$file = test.txt;

header("Pragma: public");
header("Expires: 0");
header("Cache-Control: must-revalidate, post-check=0, pre-check=0");

header("Content-Type: application/force-download");
header( "Content-Disposition: attachment; filename=".basename($file));

header( "Content-Description: File Transfer");
@readfile($file);

header("loacation: index.php");

}

if($_GET['cmd']=="download2"){

$file = test.txt;

header("Pragma: public");
header("Expires: 0");
header("Cache-Control: must-revalidate, post-check=0, pre-check=0");

header("Content-Type: application/force-download");
header( "Content-Disposition: attachment; filename=".basename($file));

header( "Content-Description: File Transfer");
@readfile($file);

header("loacation: index.php");

}

if($_GET['cmd']=="download3"){

$file = test.txt;

header("Pragma: public");
header("Expires: 0");
header("Cache-Control: must-revalidate, post-check=0, pre-check=0");

header("Content-Type: application/force-download");
header( "Content-Disposition: attachment; filename=".basename($file));

header( "Content-Description: File Transfer");
@readfile($file);

header("loacation: index.php");

}


if($_GET['cmd']=="download4"){

$file = test.txt;

header("Pragma: public");
header("Expires: 0");
header("Cache-Control: must-revalidate, post-check=0, pre-check=0");

header("Content-Type: application/force-download");
header( "Content-Disposition: attachment; filename=".basename($file));

header( "Content-Description: File Transfer");
@readfile($file);

header("loacation: index.php");

}


if($_GET['cmd']=="download5"){

$file = test.txt;

header("Pragma: public");
header("Expires: 0");
header("Cache-Control: must-revalidate, post-check=0, pre-check=0");

header("Content-Type: application/force-download");
header( "Content-Disposition: attachment; filename=".basename($file));

header( "Content-Description: File Transfer");
@readfile($file);

header("loacation: index.php");

}
[/code]

Share this post


Link to post
Share on other sites
There is a slight problem with that code. If some one knows the cmd they can directly link to that file and download your file anyways. Here is a script that I just wrote.

This script will first check to see if the user came from the download page and if not it will through up a 401 file not found and then it checks to see if the user is loged in. If so then they are allowed to download the file.

[code]
<?php
session_start();
function getaction($action) {
    switch($action) {
          case "download":
    function getdownload($type) {
        switch($type) {
  case "free":
      /*This checks to see if the request for this file came from your site and if not it will through up a File not found error*/
      if ($_SERVER['HTTP_REFERER'] !== "http://yoursite.com/somepage.php") {
          header("HTTP/1.1 404 Not Found");
      }
      //this checks to see if the user is logged in or not
      if (!$_SESSION['username']) {
          echo "You must be a member to download this file<br />";
          include("test.html");
          exit;
      }
      $filename =  $_GET['filename'];
      header("Pragma: public");
                              header("Expires: 0");
                              header("Cache-Control: must-revalidate, post-check=0, pre-check=0");

                              header("Content-Type: application/force-download");
                              header( "Content-Disposition: attachment; filename=".basename($filename));

                              header( "Content-Description: File Transfer");
                              header('Accept-Ranges: bytes');
    header('Content-Length: ' . filesize($filename));
    @readfile($filename);
            break;
        }
    }
    getdownload($_GET['type']);
          break;
    }
}
getaction($_GET['action']);  
?>[/code]

I am going to assume you name this download.php and that the file is test.zip
You can create a link to this page like this.
<a href="download.php?action=download&type=free&filename=test.zip">test.zip</a>

you can add a paid case if you want.

Good Luck,
Tom

Share this post


Link to post
Share on other sites

×

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.