Solved

Header/readfile does not work when trying to display image outside of website root

Posted on 2013-01-01
8
328 Views
Last Modified: 2013-01-04
Hi,

I'm using this code to open an image saved outside of web root (home/kenneth/uploads/...)
It works fine in both IE and FF, but it does not work in Chrome - it just keep loading.

# Set headers
header("Cache-Control: public");
header("Content-Description: File Transfer");
header("Content-Disposition: attachment; filename=".$file['original_filename']);
header("Content-Type: application/octet-stream");
header("Content-Transfer-Encoding: binary");
header("Content-Length: ".filesize($absolute_path));

ob_clean();
flush();

# Read the file from disk
readfile($absolute_path);

Open in new window

$file['download_path'] = "http://".$file['hostname']."/download.php?token=".$token;

<img style="margin: 15px; max-width: 870px" src="<?php echo $file['download_path']; ?>" alt="<?php echo $file['original_filename']; ?>" />

Open in new window

0
Comment
Question by:kgp43
  • 4
  • 4
8 Comments
 
LVL 109

Expert Comment

by:Ray Paseur
ID: 38734458
What are you trying to accomplish?  Is it to render an image in the browser viewport or force a download?
0
 

Author Comment

by:kgp43
ID: 38734481
Display an image located outside public_html

Ex.

<img src="/photo.php?fileid=xxxx" />

Photo.php

# Set headers
header("Cache-Control: public");
header("Content-Description: File Transfer");
header("Content-Disposition: attachment; filename=".$file['original_filename']);
header("Content-Type: application/octet-stream");
header("Content-Transfer-Encoding: binary");
header("Content-Length: ".filesize($absolute_path));

ob_clean();
flush();

# Read the file from disk
readfile($absolute_path);

Open in new window


The image appear correctly in both Firefox and IE, but not in Chrome. Chrome just keep loading, no image appears.
0
 
LVL 109

Expert Comment

by:Ray Paseur
ID: 38734528
You may have a lot more headers than you need.  This article describes how I do it.
http://www.experts-exchange.com/Web_Development/Web_Languages-Standards/PHP/A_10065-Adding-a-Watermark-to-an-Image.html

IIRC the only header you really need is Content-type
0
Master Your Team's Linux and Cloud Stack!

The average business loses $13.5M per year to ineffective training (per 1,000 employees). Keep ahead of the competition and combine in-person quality with online cost and flexibility by training with Linux Academy.

 
LVL 109

Expert Comment

by:Ray Paseur
ID: 38734531
I am also a little suspicious of this.  Why do you use that function?
http://php.net/manual/en/function.ob-clean.php
0
 

Author Comment

by:kgp43
ID: 38734588
Hi Ray,

Does not matter what I do, nothing loads in Chrome for me.
http://fs01.imgdrive.com/download.php?token=3L9QZB

header("Content-Description: File Transfer");
header("Content-Disposition: attachment; filename=".$file['original_filename']);
header('Content-Type: '.$file['mimetype']);

# Read the file from disk
readfile($absolute_path);

Open in new window


I removed ob_flush and cleaned up the headers. Seems I need the extra two or it's not possible to save the image with original filename when right-clicking (save as).
0
 

Author Comment

by:kgp43
ID: 38734610
More error checking.
http://fs01.imgdrive.com/test.php

$absolute_path = "/home/fs01/uploads/2012/12/31/v3hbspfc9d_image.jpg";

header("Content-Description: File Transfer");
header("Content-Disposition: attachment; filename=".basename($absolute_path));
header('Content-Type: application/octet-stream');

# Read the file from disk
readfile($absolute_path);

Open in new window


Seems the code above start image download.
Going to see if the rest works with it.
0
 

Author Comment

by:kgp43
ID: 38734647
Works not, not sure what the problem was.

header("Content-Description: File Transfer");
header("Content-Disposition: attachment; filename=".basename($absolute_path));
header('Content-Type: '.$file['mimetype']);

# Read the file from disk
readfile($absolute_path);

Open in new window

0
 
LVL 109

Accepted Solution

by:
Ray Paseur earned 500 total points
ID: 38734694
Probably just getting rid of the inappropriate headers like Application/Octet Stream was all that was needed.
0

Featured Post

Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
mysql between clause 2 25
php function to remove a file 31 42
applying error reporting code to see paypal error messages 13 59
PHP strings vs array errors 13 23
Introduction HTML checkboxes provide the perfect way for a web developer to receive client input when the client's options might be none, one or many.  But the PHP code for processing the checkboxes can be confusing at first.  What if a checkbox is…
Introduction This article is intended for those who are new to PHP error handling (https://www.experts-exchange.com/articles/11769/And-by-the-way-I-am-New-to-PHP.html).  It addresses one of the most common problems that plague beginning PHP develop…
The viewer will learn how to dynamically set the form action using jQuery.
The viewer will learn how to create a basic form using some HTML5 and PHP for later processing. Set up your basic HTML file. Open your form tag and set the method and action attributes.: (CODE) Set up your first few inputs one for the name and …

803 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question