[PHP] downloading files

2005-05-05 Thread Cima
hi all,

i've uploaded some files into my postgresql db, via a php script,  and now
id like to give a user the posibility to download these files via a php
script. what would be the best way to do this bearing in mind that the files
are 'integrated' into the db and are referenced by an oid. the table that
contains the files has the original filename in one column and the oid of
the file in another column besides  other info on the table.
any sugestion would be highly apreciated!

thanx.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php



Re: [PHP] downloading files

2005-05-05 Thread Greg Donald
On 5/5/05, Cima [EMAIL PROTECTED] wrote:
 i've uploaded some files into my postgresql db, via a php script,  and now
 id like to give a user the posibility to download these files via a php
 script. what would be the best way to do this bearing in mind that the files
 are 'integrated' into the db and are referenced by an oid. the table that
 contains the files has the original filename in one column and the oid of
 the file in another column besides  other info on the table.
 any sugestion would be highly apreciated!

Send the correct file type header() based on the file name's
extension, then send the data.


-- 
Greg Donald
Zend Certified Engineer
http://destiney.com/

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php



Re: [PHP] downloading files

2004-08-23 Thread Aaron Todd
I did exactly what you said but its not working for me.  I am getting the 
following error:

Warning: filesize(): SAFE MODE Restriction in effect. The script whose uid 
is 20373 is not allowed to access /var/www owned by uid 0 in 
/home/virtual/site341/fst/var/www/html/test.php on line 3

I checked the rights and it its exactly what it should be...rwxr-xr-x...for 
all the directories leading to the download directory and all the files in 
the directory.  Is this SAFEMODE error normal or is something turned on in 
that I need to turn off?

Thanks,

Aaron 

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php



Re: [PHP] downloading files

2004-08-20 Thread Aaron Todd
I have been using the following code to try to make it work:
?php
$file = /home/site/member/filename.xxx;
header(Content-Description: File Transfer);
header(Content-Type: application/force-download);
header(Content-Disposition: attachment; filename=.basename($file));
readfile($file);
?

The webroot of my site is at:  /var/www/html

So far this will create a new file on my computer where ever I want, but it 
does not download the contents of the file.

Any suggestions?

Thanks,

Aaron

Octavian Rasnita [EMAIL PROTECTED] wrote in message 
news:[EMAIL PROTECTED]
 You can put the files that need to be downloaded in a directory somewhere
 outside of the web server root, but in that case your PHP program will 
 need
 to read the file and print it to the browser, and it will also need 
 printing
 the HTTP headers:

 Content-type: application/octet-stream
 Content-disposition: attachment; file=$filename
 Content-length: xxx
 [blank line]

 Or you can put the files somewhere on the web server tree, protect the
 directory with .htaccess (username + password), and just put a simple link
 to those files.
 When someone will click that link, it will be asked for a username and
 password in a popup window that the browser will open.

 If you don't want to appear that window, you can set your server to 
 redirect
 the user to a php script, for a certain Status code that is generated when
 authorization is required, and that PHP script can ask nice for a username
 and password that can be used then by the script to allow access to that
 file (but this way might be more complicated without real benefits).

 Teddy

 Teddy

 - Original Message -
 From: Aaron Todd [EMAIL PROTECTED]
 To: [EMAIL PROTECTED]
 Sent: Thursday, August 19, 2004 8:30 PM
 Subject: [PHP] downloading files


 I posted a simular question before and never really got an answer.  The
 post
 drifted off into some other valuable information, but I still have the
 same
 question.

 I am trying to create a site with file downloads.  The files on the 
 server
 that are to be downloaded need to be protected somehow.  I have already
 created a login page for the site so users must log in.  The download
 files
 are in a directory protected by htaccess which it is my understanding 
 that
 PHP can go underneath htaccess to get access to the files.  My problem is
 where do I put this directory?  I was already told to put it outside the
 web
 root directory, but I really dont know where the best place is. 

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php



Re: [PHP] downloading files

2004-08-20 Thread Ramil Sagum
Aaron Todd wrote:
I have been using the following code to try to make it work:
?php
$file = /home/site/member/filename.xxx;
header(Content-Description: File Transfer);
header(Content-Type: application/force-download);
header(Content-Disposition: attachment; filename=.basename($file));
readfile($file);
?
The webroot of my site is at:  /var/www/html
So far this will create a new file on my computer where ever I want, but it 
does not download the contents of the file.

Any suggestions?
Thanks,
Aaron
It seems that PHP can't read the file '/home/site/member/filename.xxx',
what are the permissions for this file?
PHP's rights are the same as the user Apache runs on. This is usually 
httpd or apache in most linux distributions.

In your previous post, you were asking where to best place the file so 
it is protected somehow. You could actually place it in a simpler 
directory like

/var/www/downloads
then set x bit for the _other_ users of the downloads directory, so PHP 
can  access files under it

chmod o+x downloads
and set all files under this directory to be readable by others (esp PHP)
chmod o+r downloads/*
THis way, PHP can't modify files in this directory. And no one can just 
download a file by entering a URL (since the files are outside the 
webserver path).

goodluck!
HTH.

---
ramil
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php


[PHP] downloading files

2004-08-19 Thread Aaron Todd
I posted a simular question before and never really got an answer.  The post
drifted off into some other valuable information, but I still have the same
question.

I am trying to create a site with file downloads.  The files on the server
that are to be downloaded need to be protected somehow.  I have already
created a login page for the site so users must log in.  The download files
are in a directory protected by htaccess which it is my understanding that
PHP can go underneath htaccess to get access to the files.  My problem is
where do I put this directory?  I was already told to put it outside the web
root directory, but I really dont know where the best place is.

Anyone have a suggestion?

Thanks,

Aaron

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php



Re: [PHP] downloading files

2004-08-19 Thread Mario Micklisch
Hi Aaron,
[..]
The download files are in a directory protected by htaccess which it  
is my understanding that PHP can go underneath htaccess to get access  
to the files.  My problem is where do I put this directory?  I was  
already told to put it outside the web root directory,
[..]
Both are good methods to protect your files. And yes, you can access
your files because PHP is working on the servers side and doesnt need
to obey the .htaccess restrictions you defined for user/clients.
With .htaccess protection you can access them by yourself later using  
login/password combination.

Outside your DocumentRoot you won't have the possibility and without  
any help of serverside processes you will not be able to access them.
That way you also dont need to worry about any .htaccess settings :-)

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php


Re: [PHP] downloading files

2004-08-19 Thread Mattias Thorslund
Aaron Todd wrote:
I posted a simular question before and never really got an answer.  The post
drifted off into some other valuable information, but I still have the same
question.
I am trying to create a site with file downloads.  The files on the server
that are to be downloaded need to be protected somehow.  I have already
created a login page for the site so users must log in.  The download files
are in a directory protected by htaccess which it is my understanding that
PHP can go underneath htaccess to get access to the files.  My problem is
where do I put this directory?  I was already told to put it outside the web
root directory, but I really dont know where the best place is.
Anyone have a suggestion?
Thanks,
Aaron
 

I use the following structure (simplified):
/path/to/web/sites
  /website1
 /classes   (php classes)
 /templates (page templates, as with Smarty)
 /documents (put uploaded documents here)
 /webroot   (web-accessible files here)
/img(static images)
/js (javascript files)
Hope this helps.
Mattias
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php


Re: [PHP] downloading files

2004-08-19 Thread Octavian Rasnita
You can put the files that need to be downloaded in a directory somewhere
outside of the web server root, but in that case your PHP program will need
to read the file and print it to the browser, and it will also need printing
the HTTP headers:

Content-type: application/octet-stream
Content-disposition: attachment; file=$filename
Content-length: xxx
[blank line]

Or you can put the files somewhere on the web server tree, protect the
directory with .htaccess (username + password), and just put a simple link
to those files.
When someone will click that link, it will be asked for a username and
password in a popup window that the browser will open.

If you don't want to appear that window, you can set your server to redirect
the user to a php script, for a certain Status code that is generated when
authorization is required, and that PHP script can ask nice for a username
and password that can be used then by the script to allow access to that
file (but this way might be more complicated without real benefits).

Teddy

Teddy

- Original Message -
From: Aaron Todd [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Thursday, August 19, 2004 8:30 PM
Subject: [PHP] downloading files


 I posted a simular question before and never really got an answer.  The
post
 drifted off into some other valuable information, but I still have the
same
 question.

 I am trying to create a site with file downloads.  The files on the server
 that are to be downloaded need to be protected somehow.  I have already
 created a login page for the site so users must log in.  The download
files
 are in a directory protected by htaccess which it is my understanding that
 PHP can go underneath htaccess to get access to the files.  My problem is
 where do I put this directory?  I was already told to put it outside the
web
 root directory, but I really dont know where the best place is.

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php



Re: [PHP] Downloading files outside the webserver

2003-03-05 Thread Daniel Silva
The problem was solved. I added a call to the exit() construct at the end of
the function and haven't had any more problems since.

I would like to thank everyone who helped me.

Cheers,

Daniel


Daniel Silva [EMAIL PROTECTED] wrote in message
news:[EMAIL PROTECTED]
 Hello.

 I tried what you suggested and it's working alright. The problem is, that
it
 doesn't always work. I adapted your suggestion to what I needed. Instead
of
 creating a file, I made a fuction that does basically the same. All listed
 files are links that enable the user to download them.

 So far so good. I tested it on a couple files and it worked. But it seems
to
 fail sometimes, showing what appears to be the contents of the HTTP-Header
 and the file itself. If it's an audio file or something alike, it shows
all
 sorts of weird characters, I assume them to be the actual binary contents
of
 those files. If it's a text file, it shows the file, intact, but on the
 page.

 Again, I haven't been able to establish a pattern of behaviour on this. My
 thesis is that the readfile function may have something to do with this,
as
 it stores the contents of the file in the output buffer and maybe it's
 showing them.

 What troubles me is the fact that it doesn't have a certain behaviour,
 instead, like I said, sometimes works, and sometimes it doesn't.

 Daniel



 Daniel Silva [EMAIL PROTECTED] wrote in message
 news:[EMAIL PROTECTED]
  There's actually a function in (PHP 4 = 4.3.0) that returns a file's
MIME
  type.
 
  Here it is:
  string mime_content_type ( string filename)
 
 
  Marek Kilimajer [EMAIL PROTECTED] wrote in message
  news:[EMAIL PROTECTED]
   Yes, sure, but you many times won't know the mime type and might be
   forced to use application/octet-stream.
   You can do
   if(dirname(realpath($user_files_dir . $_GET['filename'])) ==
   $user_files_dir)
   as a security check
  
   Daniel Silva wrote:
  
   That is a very nice solution, the problem is, the files are stored on
  disk,
   not on the DB. I suppose it can be addapted to work with the disk,
 can't
  it?
   
   Cheers,
   
   Daniel
   
   
   Marek Kilimajer [EMAIL PROTECTED] wrote in message
   news:[EMAIL PROTECTED]
   
   
   create a download php file:
   
   ?php
   
   $res=mysql_query(select * from user_files where
   
   
   filename='$GET['file']');
   
   
   if($res  mysql_num_rows($res)) {
   $file=mysql_fetch_assoc($res);
   if($_GET['downaload']) {
   header('Content-Type: application/octet-stream');
   header('Content-disposition: attachment;
   filename='.basename($file['filename']));
   } else {
   header('Content-Type: '.$file['mimetype']);
   header('Content-disposition: attachment;
   filename='.basename($file['filename']));
   }
   header('Content-Length: '.filesize($file['filename']));
   readfile($file['filename']);
   } else {
   echo 'no such file';
   }
   ?
   
   Then create a link:
   a href=file.php?filename=path/fileview/a
   a href=file.php?filename=path/fileamp;download=1download/a
   
   This example assumes you have a table user_files, where you store
   uploaded files with their mime types, this is a security check
   
   Daniel Silva wrote:
   
   
   
   Hello,
   
   I'm currently working on a multi-user filemanager, on which each
user
  has
   its space on the server and can do all the basic file operations
 we've
   
   
   all
   
   
   seen.
   
   I've looked all over the net and the manual, but I can't seem to
find
  the
   solution for what I want.
   
   The system I'm creating keeps all user files in a folder outside
the
   webserver, this is to say, any folder the admin defines, such as
   /home/john/webusers .
   
   The site shows all files contained in the userdir and lets him
  manipulate
   them. Of course, I want to let the users download their files, but
as
   
   
   they
   
   
   aren't inside the webserver's scope, I just can't simply link to
  them.
   
   Is there any way I can implement this? To download a file located
at
 X
   directory, anywhere in the system? And taking security into
   
   
   consideration,
   
   
   of course.
   
   Thanks in advance,
   
   Daniel Silva
   
   
   
   
   
   
   
   
   
   
   
   
   
   
  
 
 





-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php



[PHP] Downloading files outside the webserver

2003-03-04 Thread Daniel Silva
Hello,

I'm currently working on a multi-user filemanager, on which each user has
its space on the server and can do all the basic file operations we've all
seen.

I've looked all over the net and the manual, but I can't seem to find the
solution for what I want.

The system I'm creating keeps all user files in a folder outside the
webserver, this is to say, any folder the admin defines, such as
/home/john/webusers .

The site shows all files contained in the userdir and lets him manipulate
them. Of course, I want to let the users download their files, but as they
aren't inside the webserver's scope, I just can't simply link to them.

Is there any way I can implement this? To download a file located at X
directory, anywhere in the system? And taking security into consideration,
of course.

Thanks in advance,

Daniel Silva





-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php



Re: [PHP] Downloading files outside the webserver

2003-03-04 Thread Marek Kilimajer
create a download php file:

?php

$res=mysql_query(select * from user_files where filename='$GET['file']');

if($res  mysql_num_rows($res)) {
   $file=mysql_fetch_assoc($res);
   if($_GET['downaload']) {
   header('Content-Type: application/octet-stream');
   header('Content-disposition: attachment; 
filename='.basename($file['filename']));
   } else {
   header('Content-Type: '.$file['mimetype']);
   header('Content-disposition: attachment; 
filename='.basename($file['filename']));
   }
   header('Content-Length: '.filesize($file['filename']));
   readfile($file['filename']);
} else {
   echo 'no such file';
}
?

Then create a link:
a href=file.php?filename=path/fileview/a
a href=file.php?filename=path/fileamp;download=1download/a
This example assumes you have a table user_files, where you store 
uploaded files with their mime types, this is a security check

Daniel Silva wrote:

Hello,

I'm currently working on a multi-user filemanager, on which each user has
its space on the server and can do all the basic file operations we've all
seen.
I've looked all over the net and the manual, but I can't seem to find the
solution for what I want.
The system I'm creating keeps all user files in a folder outside the
webserver, this is to say, any folder the admin defines, such as
/home/john/webusers .
The site shows all files contained in the userdir and lets him manipulate
them. Of course, I want to let the users download their files, but as they
aren't inside the webserver's scope, I just can't simply link to them.
Is there any way I can implement this? To download a file located at X
directory, anywhere in the system? And taking security into consideration,
of course.
Thanks in advance,

Daniel Silva





 



--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php


Re: [PHP] Downloading files outside the webserver

2003-03-04 Thread Daniel Silva
That is a very nice solution, the problem is, the files are stored on disk,
not on the DB. I suppose it can be addapted to work with the disk, can't it?

Cheers,

Daniel


Marek Kilimajer [EMAIL PROTECTED] wrote in message
news:[EMAIL PROTECTED]
 create a download php file:

 ?php

 $res=mysql_query(select * from user_files where
filename='$GET['file']');

 if($res  mysql_num_rows($res)) {
 $file=mysql_fetch_assoc($res);
 if($_GET['downaload']) {
 header('Content-Type: application/octet-stream');
 header('Content-disposition: attachment;
 filename='.basename($file['filename']));
 } else {
 header('Content-Type: '.$file['mimetype']);
 header('Content-disposition: attachment;
 filename='.basename($file['filename']));
 }
 header('Content-Length: '.filesize($file['filename']));
 readfile($file['filename']);
 } else {
 echo 'no such file';
 }
 ?

 Then create a link:
 a href=file.php?filename=path/fileview/a
 a href=file.php?filename=path/fileamp;download=1download/a

 This example assumes you have a table user_files, where you store
 uploaded files with their mime types, this is a security check

 Daniel Silva wrote:

 Hello,
 
 I'm currently working on a multi-user filemanager, on which each user has
 its space on the server and can do all the basic file operations we've
all
 seen.
 
 I've looked all over the net and the manual, but I can't seem to find the
 solution for what I want.
 
 The system I'm creating keeps all user files in a folder outside the
 webserver, this is to say, any folder the admin defines, such as
 /home/john/webusers .
 
 The site shows all files contained in the userdir and lets him manipulate
 them. Of course, I want to let the users download their files, but as
they
 aren't inside the webserver's scope, I just can't simply link to them.
 
 Is there any way I can implement this? To download a file located at X
 directory, anywhere in the system? And taking security into
consideration,
 of course.
 
 Thanks in advance,
 
 Daniel Silva
 
 
 
 
 
 
 




-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php



Re: [PHP] Downloading files outside the webserver

2003-03-04 Thread Marek Kilimajer
Yes, sure, but you many times won't know the mime type and might be 
forced to use application/octet-stream.
You can do
if(dirname(realpath($user_files_dir . $_GET['filename'])) == 
$user_files_dir)
as a security check

Daniel Silva wrote:

That is a very nice solution, the problem is, the files are stored on disk,
not on the DB. I suppose it can be addapted to work with the disk, can't it?
Cheers,

Daniel

Marek Kilimajer [EMAIL PROTECTED] wrote in message
news:[EMAIL PROTECTED]
 

create a download php file:

?php

$res=mysql_query(select * from user_files where
   

filename='$GET['file']');
 

if($res  mysql_num_rows($res)) {
   $file=mysql_fetch_assoc($res);
   if($_GET['downaload']) {
   header('Content-Type: application/octet-stream');
   header('Content-disposition: attachment;
filename='.basename($file['filename']));
   } else {
   header('Content-Type: '.$file['mimetype']);
   header('Content-disposition: attachment;
filename='.basename($file['filename']));
   }
   header('Content-Length: '.filesize($file['filename']));
   readfile($file['filename']);
} else {
   echo 'no such file';
}
?
Then create a link:
a href=file.php?filename=path/fileview/a
a href=file.php?filename=path/fileamp;download=1download/a
This example assumes you have a table user_files, where you store
uploaded files with their mime types, this is a security check
Daniel Silva wrote:

   

Hello,

I'm currently working on a multi-user filemanager, on which each user has
its space on the server and can do all the basic file operations we've
 

all
 

seen.

I've looked all over the net and the manual, but I can't seem to find the
solution for what I want.
The system I'm creating keeps all user files in a folder outside the
webserver, this is to say, any folder the admin defines, such as
/home/john/webusers .
The site shows all files contained in the userdir and lets him manipulate
them. Of course, I want to let the users download their files, but as
 

they
 

aren't inside the webserver's scope, I just can't simply link to them.

Is there any way I can implement this? To download a file located at X
directory, anywhere in the system? And taking security into
 

consideration,
 

of course.

Thanks in advance,

Daniel Silva







 



 



--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php


Re: [PHP] Downloading files outside the webserver

2003-03-04 Thread Daniel Silva
There's actually a function in (PHP 4 = 4.3.0) that returns a file's MIME
type.

Here it is:
string mime_content_type ( string filename)


Marek Kilimajer [EMAIL PROTECTED] wrote in message
news:[EMAIL PROTECTED]
 Yes, sure, but you many times won't know the mime type and might be
 forced to use application/octet-stream.
 You can do
 if(dirname(realpath($user_files_dir . $_GET['filename'])) ==
 $user_files_dir)
 as a security check

 Daniel Silva wrote:

 That is a very nice solution, the problem is, the files are stored on
disk,
 not on the DB. I suppose it can be addapted to work with the disk, can't
it?
 
 Cheers,
 
 Daniel
 
 
 Marek Kilimajer [EMAIL PROTECTED] wrote in message
 news:[EMAIL PROTECTED]
 
 
 create a download php file:
 
 ?php
 
 $res=mysql_query(select * from user_files where
 
 
 filename='$GET['file']');
 
 
 if($res  mysql_num_rows($res)) {
 $file=mysql_fetch_assoc($res);
 if($_GET['downaload']) {
 header('Content-Type: application/octet-stream');
 header('Content-disposition: attachment;
 filename='.basename($file['filename']));
 } else {
 header('Content-Type: '.$file['mimetype']);
 header('Content-disposition: attachment;
 filename='.basename($file['filename']));
 }
 header('Content-Length: '.filesize($file['filename']));
 readfile($file['filename']);
 } else {
 echo 'no such file';
 }
 ?
 
 Then create a link:
 a href=file.php?filename=path/fileview/a
 a href=file.php?filename=path/fileamp;download=1download/a
 
 This example assumes you have a table user_files, where you store
 uploaded files with their mime types, this is a security check
 
 Daniel Silva wrote:
 
 
 
 Hello,
 
 I'm currently working on a multi-user filemanager, on which each user
has
 its space on the server and can do all the basic file operations we've
 
 
 all
 
 
 seen.
 
 I've looked all over the net and the manual, but I can't seem to find
the
 solution for what I want.
 
 The system I'm creating keeps all user files in a folder outside the
 webserver, this is to say, any folder the admin defines, such as
 /home/john/webusers .
 
 The site shows all files contained in the userdir and lets him
manipulate
 them. Of course, I want to let the users download their files, but as
 
 
 they
 
 
 aren't inside the webserver's scope, I just can't simply link to
them.
 
 Is there any way I can implement this? To download a file located at X
 directory, anywhere in the system? And taking security into
 
 
 consideration,
 
 
 of course.
 
 Thanks in advance,
 
 Daniel Silva
 
 
 
 
 
 
 
 
 
 
 
 
 
 




-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php



Re: [PHP] Downloading files outside the webserver

2003-03-04 Thread Daniel Silva
Hello.

I tried what you suggested and it's working alright. The problem is, that it
doesn't always work. I adapted your suggestion to what I needed. Instead of
creating a file, I made a fuction that does basically the same. All listed
files are links that enable the user to download them.

So far so good. I tested it on a couple files and it worked. But it seems to
fail sometimes, showing what appears to be the contents of the HTTP-Header
and the file itself. If it's an audio file or something alike, it shows all
sorts of weird characters, I assume them to be the actual binary contents of
those files. If it's a text file, it shows the file, intact, but on the
page.

Again, I haven't been able to establish a pattern of behaviour on this. My
thesis is that the readfile function may have something to do with this, as
it stores the contents of the file in the output buffer and maybe it's
showing them.

What troubles me is the fact that it doesn't have a certain behaviour,
instead, like I said, sometimes works, and sometimes it doesn't.

Daniel



Daniel Silva [EMAIL PROTECTED] wrote in message
news:[EMAIL PROTECTED]
 There's actually a function in (PHP 4 = 4.3.0) that returns a file's MIME
 type.

 Here it is:
 string mime_content_type ( string filename)


 Marek Kilimajer [EMAIL PROTECTED] wrote in message
 news:[EMAIL PROTECTED]
  Yes, sure, but you many times won't know the mime type and might be
  forced to use application/octet-stream.
  You can do
  if(dirname(realpath($user_files_dir . $_GET['filename'])) ==
  $user_files_dir)
  as a security check
 
  Daniel Silva wrote:
 
  That is a very nice solution, the problem is, the files are stored on
 disk,
  not on the DB. I suppose it can be addapted to work with the disk,
can't
 it?
  
  Cheers,
  
  Daniel
  
  
  Marek Kilimajer [EMAIL PROTECTED] wrote in message
  news:[EMAIL PROTECTED]
  
  
  create a download php file:
  
  ?php
  
  $res=mysql_query(select * from user_files where
  
  
  filename='$GET['file']');
  
  
  if($res  mysql_num_rows($res)) {
  $file=mysql_fetch_assoc($res);
  if($_GET['downaload']) {
  header('Content-Type: application/octet-stream');
  header('Content-disposition: attachment;
  filename='.basename($file['filename']));
  } else {
  header('Content-Type: '.$file['mimetype']);
  header('Content-disposition: attachment;
  filename='.basename($file['filename']));
  }
  header('Content-Length: '.filesize($file['filename']));
  readfile($file['filename']);
  } else {
  echo 'no such file';
  }
  ?
  
  Then create a link:
  a href=file.php?filename=path/fileview/a
  a href=file.php?filename=path/fileamp;download=1download/a
  
  This example assumes you have a table user_files, where you store
  uploaded files with their mime types, this is a security check
  
  Daniel Silva wrote:
  
  
  
  Hello,
  
  I'm currently working on a multi-user filemanager, on which each user
 has
  its space on the server and can do all the basic file operations
we've
  
  
  all
  
  
  seen.
  
  I've looked all over the net and the manual, but I can't seem to find
 the
  solution for what I want.
  
  The system I'm creating keeps all user files in a folder outside the
  webserver, this is to say, any folder the admin defines, such as
  /home/john/webusers .
  
  The site shows all files contained in the userdir and lets him
 manipulate
  them. Of course, I want to let the users download their files, but as
  
  
  they
  
  
  aren't inside the webserver's scope, I just can't simply link to
 them.
  
  Is there any way I can implement this? To download a file located at
X
  directory, anywhere in the system? And taking security into
  
  
  consideration,
  
  
  of course.
  
  Thanks in advance,
  
  Daniel Silva
  
  
  
  
  
  
  
  
  
  
  
  
  
  
 





-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php



[PHP] Downloading files

2003-02-23 Thread Anthony Rodriguez
Hi!

In PHP, is there a way to allow the user to download a file (e.g.: 
sample.txt) to their computer? And, then, automatically return to the 
PHP-generated Web page.

How can the file be stored in C:\sample.txt, for example?

Thanks!

Tony





--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php


Re: [PHP] Downloading files

2003-02-23 Thread Justin French
on 24/02/03 1:01 AM, Anthony Rodriguez ([EMAIL PROTECTED]) wrote:

 In PHP, is there a way to allow the user to download a file (e.g.:
 sample.txt) to their computer? And, then, automatically return to the
 PHP-generated Web page.

why do you need to re-run the page?  it can be done with a bit of messing
around, but i can't imagine why :)

you can force the download of a file by setting the correct headers using
header() and passing the file through.  see the user notes on
http://php.net/header.


if you're only talking about text files, then why not simply do a
href='blah/sample.txt' target='_blank'click/a ???

This will pop it up in a new window, leave the original window untouched,
and they can choose save as from the file menu.

if for some reason you DO want the original window to be refreshed, this
could easily be done with a javascript onclick event in the above a tag.


 How can the file be stored in C:\sample.txt, for example?

you have no control over where the user downloads the file to -- it's
entirely up to them and/or their browser settings.  actually, forcing a
download really isn't true... in most cases your really forcing a 'save
file as...' dialogue window.


Justin



-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php



[PHP] Downloading files - Plz hlp

2003-02-23 Thread Anthony Rodriguez
Hi!

In PHP, is there a way to allow the user to download a demo file (e.g.: 
sample.exe) to their computer? And, then, automatically return to the Web site?

Thanks!

Tony





--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php


Re: [PHP] Downloading files - Plz hlp

2003-02-23 Thread Ernest E Vogelsinger
At 00:52 24.02.2003, Anthony Rodriguez said:
[snip]
In PHP, is there a way to allow the user to download a demo file (e.g.: 
sample.exe) to their computer? And, then, automatically return to the Web
site?
[snip] 

A couple of. Generally a browser will not leave the current page when
starting a file download - it simply remains on the page.

As for your question:

1) Generate a link to the exe file within your HTML output:
echo 'a href=sample.exeGet the sample.exe file/a';

2) If you don't have a file but need to construct it on the fly (or it is
not directly accessible from within your webserver), simply echo out the
data after sending an appropriate MIME headers.

Assuming you have the file contents in a variable called $export:

header('Content-Type: application/octet-stream');
header('Content-Length: ' . strlen($export));
header('Content-Disposition: attachment;filename=sample.exe'); 
echo $export;
exit();


-- 
   O Ernest E. Vogelsinger
   (\)ICQ #13394035
^ http://www.vogelsinger.at/



-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php



[PHP] Downloading Files

2002-06-25 Thread Francis

I want to protect files from being downloaded and only allow people to
download files which they have access too. I've done all the access control
etc... but whats the best way for the user to download the file... Can you
paste the file directly into the header? (get the file from the
filesystem, mime encode it and put it in the header?) or copying the file to
a web viewable temp dir to allow the user to download it? (dont really want
to do this).

Thanks



-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php




Re: [PHP] Downloading Files

2002-06-25 Thread Justin French

Either of these options will work fine.  There was MASSIVE disscussions
about this a few weeks back -- check for threads started by myself in the
archives.

Justin French




on 26/06/02 12:35 AM, Francis ([EMAIL PROTECTED]) wrote:

 I want to protect files from being downloaded and only allow people to
 download files which they have access too. I've done all the access control
 etc... but whats the best way for the user to download the file... Can you
 paste the file directly into the header? (get the file from the
 filesystem, mime encode it and put it in the header?) or copying the file to
 a web viewable temp dir to allow the user to download it? (dont really want
 to do this).
 
 Thanks
 
 


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php




Re: [PHP] Downloading Files

2002-06-25 Thread Francis

got it!! :)

$filename = backup.tar;
$download_file = /absolute/path/backup.tar;
$fh = fopen($download_file, r);
header(Content-Type: application/x-tar);
header(Content-Disposition: attachment; filename=$filename);
fpassthru($fh);
exit();

Thanks a lot!! :)

Justin French [EMAIL PROTECTED] wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 Either of these options will work fine.  There was MASSIVE disscussions
 about this a few weeks back -- check for threads started by myself in the
 archives.

 Justin French




 on 26/06/02 12:35 AM, Francis ([EMAIL PROTECTED]) wrote:

  I want to protect files from being downloaded and only allow people to
  download files which they have access too. I've done all the access
control
  etc... but whats the best way for the user to download the file... Can
you
  paste the file directly into the header? (get the file from the
  filesystem, mime encode it and put it in the header?) or copying the
file to
  a web viewable temp dir to allow the user to download it? (dont really
want
  to do this).
 
  Thanks
 
 




-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php




RE: [PHP] Downloading Files

2002-06-25 Thread John Holmes

 I want to protect files from being downloaded and only allow people to
 download files which they have access too. I've done all the access
 control
 etc... but whats the best way for the user to download the file... Can
you
 paste the file directly into the header? (get the file from the
 filesystem, mime encode it and put it in the header?) or copying the
file
 to
 a web viewable temp dir to allow the user to download it? (dont really
 want
 to do this).

Search the archives...

Download.php
?
Session_start();
If(isset($_SESSION['valid_user']))
{
  header(some file type content header);
  readfile($download_dir . $filename);
}
else
{ echo you're not a valid user; }
?

Adapt to your needs and don't even try this if you're not going to
validate the download directory and filename...

---John Holmes...




-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php




[PHP] Downloading files

2002-04-09 Thread Declan Kenny

Hi folks,

Ok I am trying to make a download area for files (including word files).
How do I force a download of a word document rather than have it opening in
IE?

Declan



-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php




Re: [PHP] Downloading files

2002-04-09 Thread Matt Williams


On Tuesday 09 April 2002 11:20, Declan Kenny wrote:
 Hi folks,

 Ok I am trying to make a download area for files (including word files).
 How do I force a download of a word document rather than have it opening in
 IE?

 Declan

You don't. This option is set in windows exploror. as part of the file type
options.

I can tell you where exactly if you want to go round updating all windows/IE
users machines. I'll do mine for you as a start ;)

matt

---

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php




Re: [PHP] Downloading files

2002-04-09 Thread Scott Houseman

Try this:

?php
// Open the file to send.
$sFilePath = /home/scott/public_html/TEST.doc;
$iFilePointer = fopen( $sFilePath, r );
// Get file content.
$sContents = fread( $iFilePointer, filesize( $sFilePath ) );
// Close the file.
fclose( $iFilePointer );
// Send HTTP headers.
header( Expires: 0 );
header( Cache-Control: no-cache );
header( Content-Type: application/save-as );
header( Content-Disposition: attachment; filename=.basename(
$sFilePath ).;);
header( Content-Length: .filesize( $sFilePath ) );
// Feed file to client.
echo $sContents;
?

As you give the client Content-Type: application/save-as - it will not know
what mime type the file is,
and the browser will give the user a save-as prompt.
This works in explorer - I haven't checked it in Mozilla etc - so you might
have to tweak it a bit.

Cheers

Scott
- Original Message -
From: Declan Kenny [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Tuesday, April 09, 2002 1:20 PM
Subject: [PHP] Downloading files


 Hi folks,

 Ok I am trying to make a download area for files (including word files).
 How do I force a download of a word document rather than have it opening
in
 IE?

 Declan



 --
 PHP General Mailing List (http://www.php.net/)
 To unsubscribe, visit: http://www.php.net/unsub.php




-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php




Re: [PHP] Downloading files

2002-04-09 Thread Jim Koutoumis

Using this method,.. works OK if you choose to save the file, however if you
choose to open the file you get a weird behaviour where IE says it can't
find the file and a subsequent prompt to create a new one. Does anyone know
why it does this and how to overcome it ?

At this stage I've resorted to using some simple javascript to prevent a
user clicking on a file and advising them to use right-click save-as until I
come up with a more reliable method.

Scott Houseman [EMAIL PROTECTED] wrote in message
003e01c1dfdf$7b3a6490$0b01a8c0@scotth">news:003e01c1dfdf$7b3a6490$0b01a8c0@scotth...
 Try this:

 ?php
 // Open the file to send.
 $sFilePath = /home/scott/public_html/TEST.doc;
 $iFilePointer = fopen( $sFilePath, r );
 // Get file content.
 $sContents = fread( $iFilePointer, filesize( $sFilePath ) );
 // Close the file.
 fclose( $iFilePointer );
 // Send HTTP headers.
 header( Expires: 0 );
 header( Cache-Control: no-cache );
 header( Content-Type: application/save-as );
 header( Content-Disposition: attachment; filename=.basename(
 $sFilePath ).;);
 header( Content-Length: .filesize( $sFilePath ) );
 // Feed file to client.
 echo $sContents;
 ?

 As you give the client Content-Type: application/save-as - it will not
know
 what mime type the file is,
 and the browser will give the user a save-as prompt.
 This works in explorer - I haven't checked it in Mozilla etc - so you
might
 have to tweak it a bit.

 Cheers

 Scott
 - Original Message -
 From: Declan Kenny [EMAIL PROTECTED]
 To: [EMAIL PROTECTED]
 Sent: Tuesday, April 09, 2002 1:20 PM
 Subject: [PHP] Downloading files


  Hi folks,
 
  Ok I am trying to make a download area for files (including word files).
  How do I force a download of a word document rather than have it opening
 in
  IE?
 
  Declan
 
 
 
  --
  PHP General Mailing List (http://www.php.net/)
  To unsubscribe, visit: http://www.php.net/unsub.php
 
 




-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php




Re: [PHP] Downloading files

2002-04-09 Thread Jason Wong

On Wednesday 10 April 2002 08:54, Jim Koutoumis wrote:
 Using this method,.. works OK if you choose to save the file, however if
 you choose to open the file you get a weird behaviour where IE says it
 can't find the file and a subsequent prompt to create a new one. Does
 anyone know why it does this and how to overcome it ?

 At this stage I've resorted to using some simple javascript to prevent a
 user clicking on a file and advising them to use right-click save-as until
 I come up with a more reliable method.

Try removing the Expires  Cache-Control headers. I doubt you'll be able 
to find a reliable way that works under all flavours of IE. Some versions of 
IE tries to open file regardless of what you tell it to do.

-- 
Jason Wong - Gremlins Associates - www.gremlins.com.hk
Open Source Software Systems Integrators
* Web Design  Hosting * Internet  Intranet Applications Development *

/*
While most peoples' opinions change, the conviction of their
correctness never does.
*/

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php




[PHP] Downloading files/docs

2002-02-21 Thread Jim Koutoumis

Hi all,

I've seen some posts and info elsewhere regarding downloading files - mostly
stating problems with the way IE handles this function.

What I'm trying to do is :
1 - offer files,.. .doc, .zip and others
2 - allow the user to click on a URL, or button
3 - have the options to Open or Save
4 - NOT have MS-Word come up within the browser window if user
 chooses to Open
5 - IE save the file properly

Netscape seems to do all the rights things. But I want to get IE working,
(as best I can).

I'm using the following code-snippet within a PHP script,... browser type
gets checked earlier in the script,..

Currently, to avoid IE displaying .doc files within its window, I've
prevented the user from 'left-clicking' on the file's anchor with some
simple JS and forcing them to do a Save-As, which seems to work for IE, but
Netscape defaults to the URL for the name of the file :-(

Is there a better way to achieve all of the above ??

Is it possible to stop IE from opening the .doc within its browser window ??

Any advice would be greatly appreciated.

Thanks,

Jim.

  // get the filename
  $filename = $dataDIR . $fileid . .dat;

  if ($browserType == IE) {
  $attachment=;
  } else {
  $attachment=attachment;;
  }
$attachment=;
$fn=urldecode($realname);

header('Content-Disposition:'.$attachment.' filename='.$fn.'');
header('Content-Type: application/octet-stream');
header('Content-Description: download file from site');
header('Content-Length: '.filesize($filename) );
header('Pragma: no-cache');
header('Expires: 0');

readfile($filename);



-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php