We help IT Professionals succeed at work.

CFFILE: download CSV file then delete

Last Modified: 2013-12-24

I need to be able to allow administrators for a site to download a list of subscribers details in CSV format.

The only problem is that I can't have the file sitting on the webserver for any tom dick and harry to download.

Is there a way for me to create the file, force it to download and then delete once the download is complete? Or perhaps make the file unique to that person's session and when their session times out it is rdeleted?

Thanks in advance

Watch Question

Most Valuable Expert 2015

You can use <cfcontent> to dynamically generate csv files from a query.  You can also use cfcontent's deleteFile flag to serve up a file on the server hard drive and then delete "the file on the server after sending its contents to the client"


Though if the information is confidential perhaps the files should not be kept in a web accessible directory at all or stored as plain text.  But you know best what type of information you're dealing and whether this is a potential security risk or a lawsuit waiting to happen.


Thanks for the reply.

I have created the attached code based on the information you have given.

Essentially the reason I am doing this is so that an administrator (once logged in) can download a CSV file of all database subscribers and then use that data with a third party marketing tool i.e. SMS or direct mail etc.

If there is a better way of doing this I am all ears?
<cfquery name="getSubscribers" datasource="#dsl#">
	SELECT * FROM mailingList
<cfset filePath="#rootDirectory#/maintenance/subscribers.csv">
<cfset content = "Name,Email,Mobile Number,Date Of Birth">
<cfoutput query="getSubscribers">
	<cfset content = "">
	<cfset content = "#userName#,#email#,#mobileNumber#,#dateOfBirth#">
<cfheader name="Content-Disposition" value="attachment; filename=#getFileFromPath (filePath)#"> 
<cfcontent file="#filePath#" type="application/octet-stream" deletefile="yes">

Open in new window

Most Valuable Expert 2015
This one is on us!
(Get your first solution completely free - no credit card required)
Most Valuable Expert 2015

I just noticed my code sample never posted.  So here it is again.  Note, you need to download the QueryToCSV2 function from cflib.org
<!--- create the csv content --->
<cfset content = QueryToCSV2(yourQueryName)>
<!--- display the content for downloading --->
<cfheader name="Content-Disposition" value="attachment; filename=nameOfYourFile.csv"> 
<cfcontent type="application/vnd.ms-excel">

Open in new window


AGX: How much of a security risk is this? Should I remove the DOB?

I'm trying to give the user maximum flexibility but at the same time I need to cover my own back.


Thanks for your outstanding help.
Most Valuable Expert 2015

I am not a lawyer, but personally I would remove it.  First there is the issue of whether customer's consented to having any of their information released to other parties at all.  Second, even if they did I doubt DOB is necessary for marketing purposes, an "Over 18" flag perhaps, but not DOB.  Companies typically give customers the impression they can expect a reasonable measure of security when releasing their information.  This type of downloading does not provide any security measures at all.  Not to mention that once you allow information to be downloaded, anything can happen to it, even during transit.  Again, I am not a lawyer, but this may open up areas of liability.  It is often a trade-off, but just because it is possible to do something does not mean it is a good idea ;-)  


Thanks AGX.

I will leave it out.
Just so you know why we were capturing it, the DOB was being captured so that subscribers who choose to enter it receive an email on their birthday containing a voucher to spend at the website's establishment. Thats the only thing it would be used for so there's not much point in keeping it.

Thanks again for your help.


Gain unlimited access to on-demand training courses with an Experts Exchange subscription.

Get Access
Why Experts Exchange?

Experts Exchange always has the answer, or at the least points me in the correct direction! It is like having another employee that is extremely experienced.

Jim Murphy
Programmer at Smart IT Solutions

When asked, what has been your best career decision?

Deciding to stick with EE.

Mohamed Asif
Technical Department Head

Being involved with EE helped me to grow personally and professionally.

Carl Webster
CTP, Sr Infrastructure Consultant
Empower Your Career
Did You Know?

We've partnered with two important charities to provide clean water and computer science education to those who need it most. READ MORE

Ask ANY Question

Connect with Certified Experts to gain insight and support on specific technology challenges including:

  • Troubleshooting
  • Research
  • Professional Opinions
Unlock the solution to this question.
Join our community and discover your potential

Experts Exchange is the only place where you can interact directly with leading experts in the technology field. Become a member today and access the collective knowledge of thousands of technology experts.

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.


Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.