Force Download Script issues ...

[bsamson]

I found a php script that forces a file to be downloaded opposed to being opened in the browser. Here is the script:

[code]<?php

$f = $_REQUEST['f'];
$pth = "http://1234.domain.com/docs/";

if ($f==1) {
    $file = "training101.pdf";
    }
   
$filename = $pth . $file;


// required for IE, otherwise Content-disposition is ignored
if(ini_get('zlib.output_compression'))
  ini_set('zlib.output_compression', 'Off');

// addition by Jorg Weske
$file_extension = strtolower(substr(strrchr($filename,"."),1));

if( $filename == "" )
{
  echo "<html><title>MY DOMAIN - Error</title><body>ERROR: download file NOT SPECIFIED. USE force-download.php?file=filepath</body></html>";
  exit;
} elseif ( ! file_exists( $filename ) )
{
  echo "<html><title>MY DOMAIN - Error</title><body>ERROR: File not found. USE force-download.php?file=filepath</body></html>";
  exit;
};
switch( $file_extension )
{
  case "pdf": $ctype="application/pdf"; break;
  case "exe": $ctype="application/octet-stream"; break;
  case "zip": $ctype="application/zip"; break;
  case "doc": $ctype="application/msword"; break;
  case "xls": $ctype="application/vnd.ms-excel"; break;
  case "ppt": $ctype="application/vnd.ms-powerpoint"; break;
  case "gif": $ctype="image/gif"; break;
  case "png": $ctype="image/png"; break;
  case "jpeg":
  case "jpg": $ctype="image/jpg"; break;
  default: $ctype="application/force-download";
}
header("Pragma: public"); // required
header("Expires: 0");
header("Cache-Control: must-revalidate, post-check=0, pre-check=0");
header("Cache-Control: private",false); // required for certain browsers
header("Content-Type: $ctype");
// change, added quotes to allow spaces in filenames, by Rajkumar Singh
header("Content-Disposition: attachment; filename=\"".basename($filename)."\";" );
header("Content-Transfer-Encoding: binary");
header("Content-Length: ".filesize($filename));
readfile("$filename");
exit();

?>[/code]

When I run this script I get this error:
[i]ERROR: File not found. USE force-download.php?file=filepath[/i]

So I wanted to make sure the 'f' was passing correctly so I have this code:
[code]<?php

$f = $_REQUEST['f'];
$pth = "http://1234.domain.com/docs/";

if ($f==1) {
    $file = "training101.pdf";
    }
   
$filename = $pth . $file;

echo $filename;

?>[/code]

Then the above script is ran w/ http://1234.mydomain.com/force-download.php?f=1 This is what i get:

[i]http://1234.mydomain.com/docs/training101.pdf[/i]

Any Suggestions? Thanks in advance!

[Daniel0]

Try this instead: [code]<?php
$path = "/var/www/docs/";
$file = $path.$_GET['file'];

if(!empty($_GET['file']))
{
echo "<html><title>MY DOMAIN - Error</title><body>ERROR: download file NOT SPECIFIED. USE force-download.php?file=filepath</body></html>";
die();
}
else if(!file_exists($file))
{
echo "<html><title>MY DOMAIN - Error</title><body>ERROR: File not found. USE force-download.php?file=filepath</body></html>";
die();
}

@ini_set('zlib.output_compression',false);

header("Pragma: public");
header("Expires: 0");
header("Cache-Control: must-revalidate, post-check=0, pre-check=0");
header("Cache-Control: private",false);
header("Content-Type: application/force-download");
header("Content-Disposition: attachment; filename=\"".basename($file)."\";" );
header("Content-Transfer-Encoding: binary");
header("Content-Length: ".filesize($file));
readfile($file);
die();
?>[/code]

(note change it to the correct path)