Link to home
Create AccountLog in
Avatar of kgp43
kgp43Flag for Denmark

asked on

Header/readfile does not work when trying to display image outside of website root

Hi,

I'm using this code to open an image saved outside of web root (home/kenneth/uploads/...)
It works fine in both IE and FF, but it does not work in Chrome - it just keep loading.

# Set headers
header("Cache-Control: public");
header("Content-Description: File Transfer");
header("Content-Disposition: attachment; filename=".$file['original_filename']);
header("Content-Type: application/octet-stream");
header("Content-Transfer-Encoding: binary");
header("Content-Length: ".filesize($absolute_path));

ob_clean();
flush();

# Read the file from disk
readfile($absolute_path);

Open in new window

$file['download_path'] = "http://".$file['hostname']."/download.php?token=".$token;

<img style="margin: 15px; max-width: 870px" src="<?php echo $file['download_path']; ?>" alt="<?php echo $file['original_filename']; ?>" />

Open in new window

Avatar of Ray Paseur
Ray Paseur
Flag of United States of America image

What are you trying to accomplish?  Is it to render an image in the browser viewport or force a download?
Avatar of kgp43

ASKER

Display an image located outside public_html

Ex.

<img src="/photo.php?fileid=xxxx" />

Photo.php

# Set headers
header("Cache-Control: public");
header("Content-Description: File Transfer");
header("Content-Disposition: attachment; filename=".$file['original_filename']);
header("Content-Type: application/octet-stream");
header("Content-Transfer-Encoding: binary");
header("Content-Length: ".filesize($absolute_path));

ob_clean();
flush();

# Read the file from disk
readfile($absolute_path);

Open in new window


The image appear correctly in both Firefox and IE, but not in Chrome. Chrome just keep loading, no image appears.
You may have a lot more headers than you need.  This article describes how I do it.
https://www.experts-exchange.com/Web_Development/Web_Languages-Standards/PHP/A_10065-Adding-a-Watermark-to-an-Image.html

IIRC the only header you really need is Content-type
I am also a little suspicious of this.  Why do you use that function?
http://php.net/manual/en/function.ob-clean.php
Avatar of kgp43

ASKER

Hi Ray,

Does not matter what I do, nothing loads in Chrome for me.
http://fs01.imgdrive.com/download.php?token=3L9QZB

header("Content-Description: File Transfer");
header("Content-Disposition: attachment; filename=".$file['original_filename']);
header('Content-Type: '.$file['mimetype']);

# Read the file from disk
readfile($absolute_path);

Open in new window


I removed ob_flush and cleaned up the headers. Seems I need the extra two or it's not possible to save the image with original filename when right-clicking (save as).
Avatar of kgp43

ASKER

More error checking.
http://fs01.imgdrive.com/test.php

$absolute_path = "/home/fs01/uploads/2012/12/31/v3hbspfc9d_image.jpg";

header("Content-Description: File Transfer");
header("Content-Disposition: attachment; filename=".basename($absolute_path));
header('Content-Type: application/octet-stream');

# Read the file from disk
readfile($absolute_path);

Open in new window


Seems the code above start image download.
Going to see if the rest works with it.
Avatar of kgp43

ASKER

Works not, not sure what the problem was.

header("Content-Description: File Transfer");
header("Content-Disposition: attachment; filename=".basename($absolute_path));
header('Content-Type: '.$file['mimetype']);

# Read the file from disk
readfile($absolute_path);

Open in new window

ASKER CERTIFIED SOLUTION
Avatar of Ray Paseur
Ray Paseur
Flag of United States of America image

Link to home
membership
Create an account to see this answer
Signing up is free. No credit card required.
Create Account