Solved

Download a file

Posted on 2007-03-17
1
278 Views
Last Modified: 2008-03-06
I would like to create a download link to a file outside the web server area, for example in the /tmp/

I could create a list of the files, but I dont know how to make it downloadable.

So far, I can create this link :

<a href="get_file.php?file=$file> $file </a>

Anyone know how to code the "get_file.php" so it will download the $file?

The $file is not in the web server area, for example /tmp/test.txt

I tried it like this (see below), but it does not work:

<?php

  header("Content-type: application/octet-stream");
  header("Content-disposition: attachment; filename=$file");

  $file = $_REQUEST['file'];
 
  echo $file;
 
  if (substr($file,0,5) != '/tmp/') {
     readfile($file);
  } else {
     echo "Error reading file";
  }

?>


Thanks!
0
Comment
Question by:nova2002
1 Comment
 
LVL 49

Accepted Solution

by:
Roonaan earned 125 total points
ID: 18739659
<?php

  $file = $_REQUEST['file'];

  $file = str_replace('..', '', $file); //prevent people from entering ../../.htaccess or something

  $path = '/tmp/'. $file;

  if(is_file($file)) {
    header("Content-type: application/octet-stream");
    header("Content-disposition: attachment; filename=".basename($file));
     readfile($file);
  } else {
     echo "Error reading file";
  }
?>

Then make sure that you use a relative path as your get_file.php argument:
For /tmp/file1.pdf, it would be get_file.php?file=file1.pdf
For /tmp/sub/file2.pdf, it would be get_file.php?file=sub/file2.pdf

Hope this helps,

-r-
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Things That Drive Us Nuts Have you noticed the use of the reCaptcha feature at EE and other web sites?  It wants you to read and retype something that looks like this.Insanity!  It's not EE's fault - that's just the way reCaptcha works.  But it is …
Nothing in an HTTP request can be trusted, including HTTP headers and form data.  A form token is a tool that can be used to guard against request forgeries (CSRF).  This article shows an improved approach to form tokens, making it more difficult to…
The viewer will learn how to count occurrences of each item in an array.
The viewer will learn how to look for a specific file type in a local or remote server directory using PHP.

920 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now