dennismonsewicz Posted March 20, 2008 Share Posted March 20, 2008 I need a script that will "crawl" a directory and check to see if files exist and to print a 404 error page if someone tries to directly link to a file in the directory. any ideas? Quote Link to comment Share on other sites More sharing options...
Orio Posted March 20, 2008 Share Posted March 20, 2008 Well I am not really sure what you're asking for here... Do need to find if a certain file exists in a directory (and all of it's subdirectories) ? Orio. Quote Link to comment Share on other sites More sharing options...
dennismonsewicz Posted March 20, 2008 Author Share Posted March 20, 2008 Not really I already have a script running for the download once you are logged in. What I am wanting is for when someone uploads a file, they can't just in the direct link to the file and download or see the file. Quote Link to comment Share on other sites More sharing options...
Orio Posted March 20, 2008 Share Posted March 20, 2008 So either put the file outside of your public_html, or put it in a directory that has a .htaccess in it that says: Deny from all Then you could access these files via your php scripts and force download them. Orio. Quote Link to comment Share on other sites More sharing options...
dennismonsewicz Posted March 20, 2008 Author Share Posted March 20, 2008 so I could place the files in a folder outside of the public folder and still be able to force download them? what would the header() look like? and I can't used .htaccess cause I am using IIS Quote Link to comment Share on other sites More sharing options...
Orio Posted March 20, 2008 Share Posted March 20, 2008 If you want to force download a file, you'll need a few headers... Check this great force download script: http://elouai.com/force-download.php Of course you'll have to do some changes in there... In the end it should look like this I guess: <?php $base_dir = "/path/in/your/root/"; //The place you'll store the files $filename = $_GET['file']; //Add some validation here- Check if it's a valid file name $file_extension = strtolower(substr(strrchr($filename,"."),1)); $filename = $base_dir . $filename; if ( ! file_exists( $filename ) ) { echo "<html><title>eLouai's Download Script</title><body>ERROR: File not found. USE force-download.php?file=filepath</body></html>"; exit; }; switch( $file_extension ) { case "pdf": $ctype="application/pdf"; break; case "exe": $ctype="application/octet-stream"; break; case "zip": $ctype="application/zip"; break; case "doc": $ctype="application/msword"; break; case "xls": $ctype="application/vnd.ms-excel"; break; case "ppt": $ctype="application/vnd.ms-powerpoint"; break; case "gif": $ctype="image/gif"; break; case "png": $ctype="image/png"; break; case "jpeg": case "jpg": $ctype="image/jpg"; break; default: $ctype="application/force-download"; } // required for IE, otherwise Content-disposition is ignored if(ini_get('zlib.output_compression')) ini_set('zlib.output_compression', 'Off'); header("Pragma: public"); // required header("Expires: 0"); header("Cache-Control: must-revalidate, post-check=0, pre-check=0"); header("Cache-Control: private",false); // required for certain browsers header("Content-Type: $ctype"); // change, added quotes to allow spaces in filenames, by Rajkumar Singh header("Content-Disposition: attachment; filename=\"".basename($filename)."\";" ); header("Content-Transfer-Encoding: binary"); header("Content-Length: ".filesize($filename)); readfile($filename); exit(); ?> Don't forget adding security checks, that's very very important. Orio. Quote Link to comment Share on other sites More sharing options...
dennismonsewicz Posted March 20, 2008 Author Share Posted March 20, 2008 Thanks, I will have to try this tomorrow. I am leaving work now. Thanks for all the help! Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.