Jump to content

how to send file to browser from external link


Recommended Posts

I have two servers one one them is for storing my files and the other one is for allowing users to download from that link.The thing is I don't want download link to be revealed for the users and for that reason I tried to use curl to send files to user's browser. This is the code that I have used



 set_time_limit(0);
    $ch = curl_init();
    curl_setopt($ch,CURLOPT_URL,$url);
    curl_setopt($ch,CURLOPT_RETURNTRANSFER,true);
    curl_setopt($ch,CURLOPT_HEADER,1);
    curl_setopt($ch,CURLOPT_NOBODY,1);
    curl_setopt($ch,CURLOPT_POST,1);
    curl_setopt($ch,CURLOPT_POSTFIELDS,$post);
    curl_setopt($ch,CURLOPT_TIMEOUT,1000);
    curl_exec($ch);
    $bytes = curl_getinfo($ch,CURLINFO_CONTENT_LENGTH_DOWNLOAD);
    $r = curl_exec($ch);
    header('Expires: 0'); // no cache
    header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
    header('Last-Modified: '.gmdate('D, d M Y H:i:s',time()).' GMT');
    header('Cache-Control: private',false);
    header('Content-Type: application/x-rar-compressed');
    header('Content-Disposition: attachment; filename="'.basename($url).'"');
    header('Content-Transfer-Encoding: binary');
    header('Content-Length: '.strlen($r)); // provide file size
    header('Connection: close');
    ob_clean();
    echo $r;


But there are two major problems with this.First,Download speed is very low . Second , The user doesn't have the ability to resume downloads .

 

What's wrong with this?

 

Thanks

 

I have two servers one one them is for storing my files and the other one is for allowing users to download from that link.The thing is I don't want download link to be revealed for the users and for that reason I tried to use curl to send files to user's browser. This is the code that I have used
 set_time_limit(0);
    $ch = curl_init();
    curl_setopt($ch,CURLOPT_URL,$url);
    curl_setopt($ch,CURLOPT_RETURNTRANSFER,true);
    curl_setopt($ch,CURLOPT_HEADER,1);
    curl_setopt($ch,CURLOPT_NOBODY,1);
    curl_setopt($ch,CURLOPT_POST,1);
    curl_setopt($ch,CURLOPT_POSTFIELDS,$post);
    curl_setopt($ch,CURLOPT_TIMEOUT,1000);
    curl_exec($ch);
    $bytes = curl_getinfo($ch,CURLINFO_CONTENT_LENGTH_DOWNLOAD);
    $r = curl_exec($ch);
    header('Expires: 0'); // no cache
    header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
    header('Last-Modified: '.gmdate('D, d M Y H:i:s',time()).' GMT');
    header('Cache-Control: private',false);
    header('Content-Type: application/x-rar-compressed');
    header('Content-Disposition: attachment; filename="'.basename($url).'"');
    header('Content-Transfer-Encoding: binary');
    header('Content-Length: '.strlen($r)); // provide file size
    header('Connection: close');
    ob_clean();
    echo $r;
But there are two major problems with this.First,Download speed is very low . Second , The user doesn't have the ability to resume downloads .
 
What's wrong with this?
 
Thanks

 

Anybody can helps me with that ? 

Relax, it's the weekend.

 

But there are two major problems with this.First,Download speed is very low .

Not surprising. You're actually downloading the file twice, in a way: once from the storage server to the web server, and again from the web server to the user.

 

Second , The user doesn't have the ability to resume downloads .

That requires supporting content ranges in your code. You can tackle that after dealing with your download problem.

 

 

There's not much point to having a server storing files if you don't have it serving the files to users. Just a glorified hard drive but without the good performance.

Implement a sort of protection on that server. There are a few ways you could do it - here's two:

1. Create an "API" where the web server calls an API on the download server, gets a unique and temporary ID, then uses that in a URL which it gives to the client. That URL downloads the file but only works for a short time.

2. A time-sensitive signed URL. In the URL to the download server (that you give to the client) you include a timestamp and a hash a few bits of information: the file being downloaded, the timestamp, and a secret identifier. The download server calculates the hash by itself and then compares that to what it was given (and of course checks that the timestamp is still recent enough to be allowed).

http://download.example.com/path/to/file.ext?timestamp=1234567890&hash=abcdefg
I'd go for #2 myself. Edited by requinix

If you just want to stream the file from your other server you can use the readfile() .

    header('Content-Type: application/zip');
    header("Content-Transfer-Encoding: Binary"); 
    header("Content-disposition: attachment; filename=\"file.zip\""); 
    readfile('http://www.yourhost.net/file.zip');
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.