ali_kiyani Posted January 25, 2007 Share Posted January 25, 2007 Hello,I am developing a small application in PHP on Windows IIS. Using this application users can upload a file and then send the URL to another user so he/she can download the file.I want to know as to how can I hide the URL of uploaded file from users!? Further more how can I make sure that they can't access the file directly!One more thing is I want JPEG, TXT and other files which can be opened directly in a browser to be downloaded just like ZIP, EXE and other files when some user clicks on the URL.These are the techniques used by all email provides like Hotmail, Yahoo and Google where you cannot see the URL of attached file and when you click on it, it downloads the file irrespective of its extension. Similarly you cannot directly access the file by typing it in browser.ThanksAli Quote Link to comment Share on other sites More sharing options...
Jenk Posted January 25, 2007 Share Posted January 25, 2007 When you move the file, move it to a directory outside of (and above) the document root. Use a script to fetch and serve the files, instead of serving them directly. Quote Link to comment Share on other sites More sharing options...
ali_kiyani Posted January 26, 2007 Author Share Posted January 26, 2007 Yes this is a very good solution.I did this and it worked...it solved the problem of hiding the URL and direct access of fileTo force file download I used Content-Disposition: attachment and every thing is in order now.Here is the sample code for others.[code]<? if(isset($HTTP_GET_VARS['file'])) { $myfile = $HTTP_GET_VARS['file']; header('Content-Type: application/octet-stream'); header('Content-Disposition: attachment; filename='. $myfile); readfile("../../". $myfile); //you need to change this code according to your directory structure }?><a href="testdownload.php?file=php_icon.gif">Click</a><!-- In the above line replace php_icon.gif filename with PHP variable containing file name.-->[/code] Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.