about download.php


i've been to several websites that required me to download the file through their download.php

for ex : http://www.toriyamaworld.com/download.php?filename=hxh-15-12.zip

however, i wanna skip this process by trying get the file from a direct llink
which i need to get the address from those line in the download.php

however, i believe that we can't download "download.php" manualy, we may need to use some trick
but i don't really know how to?

anybody know aobut this?

Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

If the script is secure enough it will be a tack to obtain such a thing, you can instead download the file using a download program and trace it back to its original link and hope that that file or all the files are stored in the same folder and just copy and paste the file name with the link.

Many of these scipts and made secure so that people have to register to DL the file. With the link you gave it redirects you so that means they are using permissions to access the file which is something hard to get around unless you have the file or access.

- Daniel

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
adding to what rayni said, if the script is written well, it could be impossible to get the file because the file could be stored below the root or in a location that a user can't access from outside the server. this would then be read in, a header sent and the file output in the script


Why do you want to do this?

It also depends on what download.php does, does it stream the file, or does it redirect  you to the file.

If it redirects you, then all you have to do is get the redirection url.

If it streams you you can simply pass the correct arguments to download.php

Things get more complex if they require you to register.
CompTIA Security+

Learn the essential functions of CompTIA Security+, which establishes the core knowledge required of any cybersecurity role and leads professionals into intermediate-level cybersecurity jobs.

Are you trying to use wget?
tom_mkAuthor Commented:
what's wget?

btw..i thik it just redirect me to the dowload place la..
and it may have some script that block user to be able to d/l 1 file in 10 mins..
but i'm not sure..

this is the page i mentioned.. http://www.brainfart.org/hxh/

can u guys take a look at it?

sorry but i agree with what they say - use bittorrent if you're on broadband, or if you're on 56k then the wait shouldn't be long between downloading chapters..

tom_mkAuthor Commented:
oh man..
for my curiosity ...i need to know the process ..

i know it's not right thing to do..but i wanna know how to crack that download.php out ah..

let's say..it's for my education ..la

We can show you how to do something similar, but under no circumstances can we tell you how to circumvent someones security. Which is what that is. It is a method for them to secure their bandwidth.

If you wanted to recreate something like that, you could simply generate a hash that identifys your visitors.

If you have that hash in a db as having viewed in the last 10 minutes, refuse the download. Otherwise Open the file, and print the relevent headers, and output the files contents.


You can use CURL to find out.
You can follow each and every hop to reach the final file...and hence find the path of the file.

$ch = curl_init($url); //$url -> download url
curl_setopt($ch,CURLOPT_FOLLOWLOCATION,0); //to follow hops. start from 0
curl_setopt($ch, CURLOPT_HEADER, 1);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
$data = curl_exec($ch);

in the header part you can easily find out.
Location: http://www.saarang.org/new
eg: using the above script i found that it is at


for eg: visit http://www.saarang.org/in.php

hope you found the soln.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.