Ok think I am all good now. Added ...
$fh = fopen("$download_file", "r");
then changed ...
passthru($download_file);
to
fpassthru($fh);
Thanks, again!
"Fargo Lee" <[EMAIL PROTECTED]> wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Thanks for the code, I think I am getting there but an empty file gets
> downloaded when I load the following script. See any problems?
>
> <?php
> $filename = "backup.tar";
> $download_file = "/absolute/path/backup.tar";
> header("Content-Type: application/x-tar");
> header("Content-Disposition: attachment; filename=$filename");
> passthru($download_file);
> exit();
> ?>
>
> I verified my server is setup to handle tar files with application/x-tar.
I
> also replaced ...
>
> header("Content-Type: application/x-tar");
>
> with
>
> header("Content-Type: application/octet-stream");
>
> and it did not make a difference. I am using IE 6 if it matters. Any
ideas?
>
> "1lt John W. Holmes" <[EMAIL PROTECTED]> wrote in message
> 00c401c216d4$4fc1bd50$2f7e3393@TB447CCO3">news:00c401c216d4$4fc1bd50$2f7e3393@TB447CCO3...
> > I thought we answered this question already!
> >
> > It's simple. On your login page or whatever, you start a session and set
a
> > variable saying that the user is logged in.
> >
> > <?
> > session_start();
> > //check username and password
> > //if good...
> > $_SESSION['logged_in'] = 1;
> > ?>
> >
> > Now, the most secure way to protect your files is to place them above
your
> > web root. Then no one can ever get to them through a browser (directly
to
> > the file). If you can't do that, then place them in a folder with a long
> > name that's going to be hard to guess.
> >
> > Then, you have a download.php file that you direct all requests for
> > downloads to. You'll also have to pass it a code to identify which file
> the
> > user means to download. This can be an ID from a database, or an actual
> > filename.
> >
> > download.php?ID=4
> > download.php?Filename=music
> > etc...
> >
> > In download.php you check for an active session. If it's good, then you
> send
> > the appropriate header() for the file the user wants to download and
then
> > use passthru() to send them the file. Make sure you are only sending
them
> a
> > file from your download directory, wherever that is. Make sure they
don't
> > pass you a path to a file they shouldn't be looking at.
> >
> > <?
> > session_start();
> > if(isset($_SESSION['logged_in']))
> > {
> > //session is good
> > //retrieve name of file (whether in URL or Database
> > $file = $_GET['Filename'] . ".mp3"
> > $download_dir = "/home/user/me/downloads/music/
> > $download_file = $download_dir . $file
> > header("content-type: application-whatever-mp3-x");
> > header("content-disposition: attachement filename='$file'");
> > passthru($download_file);
> > exit();
> > }
> > else
> > {
> > echo "<html><body>Please log in</body></html>";
> > }
> > ?>
> >
> > I don't remember the exact header() format, and it's dependent on the
> types
> > of files your offering, but you should get the idea.
> >
> > Adapt to your needs, but this is the basics of it. Check for a valid
> > session, if it exists, send appropriate headers and use passthru() to
send
> > the file. (you can use file(), fopen(), whatever, as long as you send
the
> > content of the file after the headers...). If session doesn't match up,
> send
> > an HTML page.
> >
> > Hopefully this thread will die now...
> >
> > ---John Holmes...
> >
> >
> > ----- Original Message -----
> > From: "Nathan Taylor" <[EMAIL PROTECTED]>
> > To: "Fargo Lee" <[EMAIL PROTECTED]>
> > Cc: <[EMAIL PROTECTED]>
> > Sent: Tuesday, June 18, 2002 5:42 AM
> > Subject: Re: [PHP] How do I hide download link ...
> >
> >
> > >
> > > ----- Original Message -----
> > > From: "Fargo Lee" <[EMAIL PROTECTED]>
> > > To: <[EMAIL PROTECTED]>
> > > Sent: Wednesday, June 12, 2002 4:14 PM
> > > Subject: [PHP] How do I hide download link ...
> > >
> > >
> > > > Hi, my customers go through a password authentication to access a
link
> > on
> > > my
> > > > site to download a file. I want to prevent the distribution of the
> > > location
> > > > of this file on my server by making it hidden. Is there any php
> > > function(s)
> > > > that could assist in doing this?
> > > >
> > > > All I can think of so far is storing the original file in a hard to
> > guess
> > > > directory, when a authenticated customer goes to download it, send
> them
> > to
> > > a
> > > > script that copys the original file to a temp directory, they
download
> > the
> > > > file in the temp directory and then run a cron every so many minutes
> to
> > > > clear out the files in the temp directory.
> > > >
> > > > If anyone has any ideas, examples or a way to improve on what I came
> up
> > > with
> > > > please respond. Thanks!
> > > >
> > > >
> > > >
> > > > --
> > > > PHP General Mailing List (http://www.php.net/)
> > > > To unsubscribe, visit: http://www.php.net/unsub.php
> > > >
> > > >
> > >
> > > --
> > > PHP General Mailing List (http://www.php.net/)
> > > To unsubscribe, visit: http://www.php.net/unsub.php
> > >
> >
>
>
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
