|
PHP user function for downloading files without public URL:
<?php
function DownloadFile($filename)
{
// Check filename
if (empty($filename) || !file_exists($filename))
{
return FALSE;
}
// Create download file name to be displayed to user
$saveasname = basename($filename);
// Send binary filetype HTTP header
header('Content-Type: application/octet-stream');
// Send content-length HTTP header
header('Content-Length: '.filesize($filename));
// Send content-disposition with save file name HTTP header
header('Content-Disposition: attachment; filename="'.$saveasname.'"');
// Output file
readfile($filename);
// Done
return TRUE;
}
?>
PHP script for downloading files without public URL:
<?php
//////////////////////////////////////////////////////////////////////
// DOWNLOAD.PHP -- Download Utility
// Copyright (c) 2001-2006 Manfred Baumeister, Dublin, Ireland
//
// AUDIT TRAIL:
// mb (03/02/2004) Bugfix/Patch: Call to getGlobalVar('id', 1) fixed.
// mb (26/12/2003) Modified download file id parameter access.
// mb (26/12/2003) BUGFIX: Syntax error (missing ')' in line 13) fixed.
// mb (15/09/2003) getGlobalVar function added/facilitated.
// mb (05/10/2002) PHP 4.2 global variable access.
//////////////////////////////////////////////////////////////////////
// Get download file id (assume it's passed as a form or URL parameter)
$id = getGlobalVar('id', 1);
// Check download file id parameter, get download file name, download file
// (assuming (global) variable $id specifies download file id)
if (empty($id) || !DownloadFile(getDownloadFileName($id)))
{
die("No Download!");
}
// Only functions beyond this point
function getDownloadFilename($fileid)
// Get download file pathname
// Returns: download file pathname
// Parameters:
// $fileid : File identifier
{
// Download file list
$DLFILES = array(
'TOOL1' => 'download/tool1_v30.exe',
'PROG2' => 'download/prog2setup.exe',
);
// Get/check download file name
if (empty($fileid) || empty($DLFILES[$fileid]))
{
return '';
}
// Set base directory to document root directory
// (could also be set to a directory outside document root!)
$basedir = getGlobalVar('DOCUMENT_ROOT');
// Build and return download file name
return $basedir.'/'.$DLFILES[$fileid];
}
function DownloadFile($filename)
// Download file
// Returns: TRUE if download successfully started, FALSE if download failed
// Parameters:
// $filename : Download file pathname
{
// Verify filename
if (empty($filename) || !file_exists($filename))
{
return FALSE;
}
// Create download file name to be displayed to user
$saveasname = basename($filename);
// Send binary filetype HTTP header
header('Content-Type: application/octet-stream');
// Send content-length HTTP header
header('Content-Length: '.filesize($filename));
// Send content-disposition with save file name HTTP header
header('Content-Disposition: attachment; filename="'.$saveasname.'"');
// Output file
readfile($filename);
// Download successfully started
return TRUE;
}
function getGlobalVar($g, $formflag = 0)
// Get global PHP variable value
// Returns: global variable value or empty string if not available
// Parameters:
// $g : Global PHP variable name
// $formflag : Flag - global var from GET/POST input
{
if (empty($g))
{
return 0;
}
// Try superglobal access (PHP 4.1.0+)
if ($formflag)
{
if (isset($_POST[$g]))
{
return $_POST[$g];
}
if (isset($_GET[$g]))
{
return $_GET[$g];
}
if (isset($_REQUEST[$g]))
{
return $_REQUEST[$g];
}
}
else
{
if (isset($_SERVER[$g]))
{
return $_SERVER[$g];
}
if (isset($_ENV[$g]))
{
return $_ENV[$g];
}
}
// Try superglobal access (PHP 3.0.0+)
if (isset($GLOBALS[$g]))
{
return $GLOBALS[$g];
}
// Try global variable access (PHP 3+)
global $$g;
if (!empty($$g))
{
return $$g;
}
// Assume global variable empty/not set
return '';
}
?>
The script above expects a download file id parameter for identifying the download file. The advantage of the above method/script is that no download URL has to be exposed to the user (download files can even be stored outside the webserver document root). This allows to control and monitor access to download files (webmaster notification, download access counters/statistics, user identification requests, etc.). The following link would activate the download of prog2setup.exe if the script is saved as http://www.YourDomain.com/dl.php :
<a href="http://www.YourDomain.com/dl.php?id=PROG2">Download Program 2</a>
The download can also be started through a redirect statement from PHP with a script such as:
<?php header("Location: http://www.YourDomain.com/dl.php?id=PROG2"); exit; ?>
The above method/script is useful for automatic download monitoring and notification. It is possible to prevent the user from directly accessing the download file, thus allowing for additional procedures such as download access counting and webmaster notifications to be triggered whenever a download file is requested. It is also possible to pass download requests through forms for user identification.
Using the Content-disposition: attachment HTTP header can cause a series of problems in Internet Explorer, notably IE5.5 SP1 and IE6.01. See Related Links for more information. The following PHP file download user function uses a browser check to avoid these bugs/problems:
<?php
function DownloadFile($filename)
{
// Check filename
if (empty($filename) || !file_exists($filename))
{
return FALSE;
}
// Create download file name to be displayed to user
$saveasname = basename($filename);
// Send binary filetype HTTP header
header('Content-Type: application/octet-stream');
// Send content-length HTTP header
header('Content-Length: '.filesize($filename));
// Send content-disposition with save file name HTTP header
// (using workaround for MSIE 5.5 SP1 / MSIE 6.01 bugs/problems)
$browser = getGlobalVar('HTTP_USER_AGENT');
if (strstr('MSIE 5.5', $browser)
|| strstr('MSIE 6.01', $browser))
{
header('Content-Disposition: filename="'.$saveasname.'"');
}
else
{
header('Content-Disposition: attachment; filename="'.$saveasname.'"');
}
// Send Content-Transfer-Encoding HTTP header
// (use binary to prevent files from being encoded/messed up during transfer)
header('Content-Transfer-Encoding: binary');
// Output file
readfile($filename);
// Done
return TRUE;
}
function getGlobalVar($g, $formflag = 0)
// Get global PHP variable value
// Returns: global variable value or empty string if not available
// Parameters:
// $g : Global PHP variable name
// $formflag : Flag - global var from GET/POST input
{
if (empty($g))
{
return 0;
}
// Try superglobal access (PHP 4.1.0+)
if ($formflag)
{
if (isset($_GET[$g]))
{
return $_GET[$g];
}
if (isset($_POST[$g]))
{
return $_POST[$g];
}
if (isset($_REQUEST[$g]))
{
return $_REQUEST[$g];
}
}
else
{
if (isset($_SERVER[$g]))
{
return $_SERVER[$g];
}
if (isset($_ENV[$g]))
{
return $_ENV[$g];
}
}
// Try superglobal access (PHP 3.0.0+)
if (isset($GLOBALS[$g]))
{
return $GLOBALS[$g];
}
// Try global variable access (PHP 3+)
global $$g;
if (!empty($$g))
{
return $$g;
}
// Assume global variable empty/not set
return '';
}
?>
<?php
function DownloadFile($filename)
{
// Check filename
if (empty($filename) || !file_exists($filename))
{
return FALSE;
}
// Create download file name to be displayed to user
$saveasname = basename($filename);
// Send binary filetype HTTP header
header('Content-Type: application/octet-stream');
// Send content-length HTTP header
header('Content-Length: '.filesize($filename));
// Send content-disposition with save file name HTTP header
// (using workaround for MSIE 5.5 SP1 / MSIE 6.01 bugs/problems)
$browser = getGlobalVar('HTTP_USER_AGENT');
if (strstr('MSIE 5.5', $browser)
|| strstr('MSIE 6.01', $browser))
{
header('Content-Disposition: filename="'.$saveasname.'"');
}
else
{
header('Content-Disposition: attachment; filename="'.$saveasname.'"');
}
// Send Content-Transfer-Encoding HTTP header
// (use binary to prevent files from being encoded/messed up during transfer)
header('Content-Transfer-Encoding: binary');
// Output file
readfile($filename);
// Done
return TRUE;
}
function getGlobalVar($g, $formflag = 0)
// Get global PHP variable value
// Returns: global variable value or empty string if not available
// Parameters:
// $g : Global PHP variable name
// $formflag : Flag - global var from GET/POST input
{
if (empty($g))
{
return 0;
}
// Try superglobal access (PHP 4.1.0+)
if ($formflag)
{
if (isset($_GET[$g]))
{
return $_GET[$g];
}
if (isset($_POST[$g]))
{
return $_POST[$g];
}
if (isset($_REQUEST[$g]))
{
return $_REQUEST[$g];
}
}
else
{
if (isset($_SERVER[$g]))
{
return $_SERVER[$g];
}
if (isset($_ENV[$g]))
{
return $_ENV[$g];
}
}
// Try superglobal access (PHP 3.0.0+)
if (isset($GLOBALS[$g]))
{
return $GLOBALS[$g];
}
// Try global variable access (PHP 3+)
global $$g;
if (!empty($$g))
{
return $$g;
}
// Assume global variable empty/not set
return '';
}
?>
PHP Application: File Download Utilities • © 2024 Manfred Baumeister • Updated: 31 July 2010, 17:43 [UTC]
|