PHP - Authenticate User Before Downloading File

Hello everyone.
I have a problem with some of my php script.

I have some php code that downloads a remote file and directly outputs it to the user. It works and all, it's just that when I do it on my Ubuntu LAMP server, downloading a file takes up a lot of ram. On my Windows WAMP server it works correctly and doesn't use up so much ram. Is this a problem with my code, or is it a server configuration?

Below is the code I use to download the file.
Code: [Select]

public function output_file($file, $name, $mime_type='', $size)
   {
   session_write_close();
    /*
    This function takes a path to a file to output ($file),
    the filename that the browser will see ($name) and
    the MIME type of the file ($mime_type, optional).
   
    If you want to do something on download abort/finish,
    register_shutdown_function('function_name');
    */
    if(is_readable($file)) die('File not found or inaccessible!');
    /*
    $size = $size;
    $name = rawurldecode($name); */
   
    /* Figure out the MIME type (if not specified) */
    $known_mime_types=array(
      "pdf" => "application/pdf",
      "txt" => "text/plain",
      "html" => "text/html",
      "htm" => "text/html",
      "exe" => "application/octet-stream",
      "zip" => "application/zip",
      "doc" => "application/msword",
      "xls" => "application/vnd.ms-excel",
      "ppt" => "application/vnd.ms-powerpoint",
      "gif" => "image/gif",
      "png" => "image/png",
      "jpeg"=> "image/jpg",
      "jpg" =>  "image/jpg",
      "php" => "text/plain"
    );
   
    if($mime_type==''){
       $file_extension = strtolower(substr(strrchr($file,"."),1));
       if(array_key_exists($file_extension, $known_mime_types)){
         $mime_type=$known_mime_types[$file_extension];
       } else {
         $mime_type="application/x-rar-compressed";
       };
    };
   
    @ob_end_clean(); //turn off output buffering to decrease cpu usage
   
    // required for IE, otherwise Content-Disposition may be ignored
    if(ini_get('zlib.output_compression'))
     ini_set('zlib.output_compression', 'Off');
   
    header('Content-Type: ' . $mime_type);
    header('Content-Disposition: attachment; filename="'.$name.'"');
    header("Content-Transfer-Encoding: binary");
    header('Accept-Ranges: bytes');
   
    /* The three lines below basically make the
      download non-cacheable */
    header("Cache-control: no-cache");
    //header('Pragma: private');
   // header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
   
    // multipart-download and download resuming support
    if(isset($_SERVER['HTTP_RANGE']))
    {
      list($a, $range) = explode("=",$_SERVER['HTTP_RANGE'],2);
      list($range) = explode(",",$range,2);
      list($range, $range_end) = explode("-", $range);
      $range=intval($range);
      if(!$range_end) {
         $range_end=$size-1;
      } else {
         $range_end=intval($range_end);
      }
   
      $new_length = $range_end-$range+1;
      header("HTTP/1.1 206 Partial Content");
      header("Content-Length: $new_length");
      header("Content-Range: bytes $range-$range_end/$size");
    } else {
      $new_length=$size;
      header("Content-Length: ".$size);
    }
   
    /* output the file itself */
    $chunksize = 1*(1024)*(1024); //you may want to change this
    $bytes_send = 0;
    if ($file = fopen($file, 'r'))
    {
      if(isset($_SERVER['HTTP_RANGE']))
      fseek($file, $range);
   
      while(!feof($file) &&
         (!connection_aborted()) &&
         ($bytes_send<$new_length)
           )
      {
         $buffer = fread($file, $chunksize);
         print($buffer); //echo($buffer); // is also possible
         flush();
         $bytes_send += strlen($buffer);
      }
    fclose($file);
    } else die('Error - can not open file.');
   
   die();
   }
   // END OUTPUT_FILE function

Hello There  ,

I want to download a file from the server to the computer  .


How can i do this ??

i found out this code:

header("Content-type: image/jpg");
header("Content-Disposition: attachment; filename=test.jpg");


the problem is , what i get is the file that the code was executed from saved in the .jpg format.

how can i direct to a specified path to select a certain file then download it .

example
let's say i have a folder that contains 2 files:
download.php and image.jpg

how can i download the image.jpg from the server with the Save As window??

Thank You

Hello,

Ive got a script that downloads a file to my server. I want to be able to download a file from a site such as FileServe using my premium details. Ive tried http://username:password@fileserve.com/file.rar but that dosent work, It just downloads a tiny small 30kb file.

Is there a way i can set a cookie or somthing so my script has access to download file using my premium account?

Thanks in advance

I wonder if some kind-hearted person can help me?
I am trying to download a video file which has a wmv. The protocol is either mms:// or http://

I can see the video in my browser but I cannot download it using curl or wget in a program and I need to download a few of these.
They are publicly viewable so they are not private stuff.
The URL is http://210.150.12.140/vod11/tepco/other/1111_01.wmv?MSWMExt=.asf
or
mms://wmt.stream.co.jp/vod11/tepco/other/1111_01.wmv

All I get at the moment is a text file of less than 1K and not the movie itself.
How would I download this file please?
Thanks
Paul

I have a script that will download a file from my server onto the user's computer. The problem is it's adding the pages HTML to the top of the file. When I actually look at the file on my server it does NOT have the HTML there, so it has to be some sort of problem with my headers.

Code: [Select]
<?php

$fname = "keyword_files/".$this->fileID.".csv";

header('Content-type: application/csv');
header("Content-Disposition: inline; filename=".$fname);
readfile($fname);

?>

I would appreciate any help! Thanks.

Hi,

I want to download more than one file at a time. But now I can't download any of them that way. I want to solve it the way it is in gmail, i.e. I download either 1 file separately or if there are two or more, it is zipped.

Thanks in advanced,

T

<!-- images -->
      <section class="card shadow mb-3">

        <form action="index.php?lg=<?php echo $lng; ?>&c=text" method="post" enctype="multipart/form-data">
      <header class="card-header navbar-custom"><h3 class="text-center"><?php echo $new_document_h3_images; ?></h3></header>
      <div class="row">
        <?php
$files = glob('./tekstovi/' . $user_txt_year . '/' . $user_txt_nr . '/' . $text_page . '/' . $user_txt_year . '_' . $user_txt_nr . '_' . $text_nr . '_' . $text_page . '_img_' . '*.{doc,docx,odt,pdf,jpg,JPG,jpeg,png,gif,psd,eps,ai,tiff,tif}', GLOB_BRACE);
$dir = './tekstovi/' . $user_txt_year . '/' . $user_txt_nr . '/' . $text_page . '/';
//$index = '0';
for ($i = 0; $i < count($files); $i++) {
  $image = $files[$i];

  ?>
        <div class="col-sm-4 py-2">
          <div class="card h-100">
            <input type='checkbox' style="position: absolute; left: 10px; top: 10px;" name='boxes[]' value='<?php echo basename($image); ?>' />

            <?php echo '<img class="img-fluid" src="' . $image . '" alt="" />'; ?>
            <div class="card-body">
              <p class="card-title"><?php echo basename($image); ?></p>
            </div>
            <div class="card-footer"><?php
$stmt_captionreload = $pdo->prepare('SELECT * FROM `sn_images`
              WHERE sn_images_text_id = :sn_images_text_id
              AND CONCAT(`sn_images_filename`,`sn_images_basename`) = "' . basename($image) . '"
              ');
  $stmt_captionreload->bindValue(':sn_images_text_id', $text_id);
  $stmt_captionreload->execute();
  $row_captionreload = $stmt_captionreload->fetch(PDO::FETCH_ASSOC);
  $one_caption = stripslashes($row_captionreload['sn_images_caption']);
  ?>
            <small class="text-muted"><?php echo $one_caption; ?></small></div>
          </div>
        </div>

        <?php }?>
        </div><!-- row-->
        <button type="submit" name="download" value="1" class="btn btn-success float-right">Download selected</button>
        <input type = 'hidden' name="sn_text_nr" value="<?php echo $text_nr; ?>">

        </form>
        <?php
if ($_POST['download'] == '1') {
  $index = '0';
  echo 'Total count: ' . count($_POST['boxes']) . '';
  while ($index < count($_POST['boxes'])) {
    if (isset($_POST['boxes'][$index])) {
      $file = $_POST['boxes'][$index];
      $path = $dir . $file;
      header('Content-Description: File Transfer');
      header('Content-Type: application/octet-stream');
      header('Content-Disposition: attachment; filename=' . basename($path));
      header('Content-Transfer-Encoding: binary');
      header('Expires: 600');
      header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
      header('Pragma: public');
      header('Content-Length: ' . filesize($path));
      flush();
      readfile($path);
    } else {

    }
    $index++;
  }
}

?>

      </section>
      <!-- /. images -->

 

Hello,

I have the following code to force download mp3 file. the code is working fine but its only downloading 799 bytes. I am new in php and not able to figure out the problem. please help me to sort it out. thanks.

Code: [Select]
<?php 
                include "dbconnect.php"; 
                $link=dbconnect(); 
                $cat=$_GET['catagory']; 
                $id=$_GET['id']; 

                $query=("select *from $cat where id='$id'"); 
                $result=mysql_query($query); 
                $row=mysql_fetch_array($result); 
                $file = $row["link"]; 
                header ("Content-type: octet/stream"); 
                header("Content-Disposition: attachment; filename=\"".basename($file)."\";" );  
                header("Content-Length: ".filesize($file)); 
                readfile($file); 
                exit;                 
?>

Ok, I have a download script. The script is called like:

http://www.site.net/index.php?action=downloadfile&filename=file001.zip&directory=directory12&

The download file code is below. My site hosts quite a few files that get linked on other websites. Problem is, when that link is clicked, obviously it just starts the file download, as if it were a direct link to the file.

What I need to do, is still have it download the file when the link is clicked, but I would also like it to redirect the browser to my homepage as well.

I tried placing this after the download headers but it didn't work.

header("Location: http://www.site.net");

Can anyone give me an idea how I can get the code to do that? Keep in mind that I'm not fluent in PHP.



case 'downloadfile';

$filename = getGetVar('filename');
$directory = getGetDir('directory');


$current_dir = $uploads_folder_name;
if ($directory != '')
{ $current_dir.="/$directory"; }


$filename = basename($filename);


if (!$grants[$user_status][DOWNLOAD])
{
place_header($mess[111]);
show_Contents();
break;
}


if (!file_exists("$current_dir/$filename"))
{
place_header($mess[125]);
show_Contents();
break;
}


if (!is_path_safe($directory, $filename))
{
place_header($mess[111]);
show_Contents();
break;
}


list($upl_user, $upl_ip, $filestatus, $contents) = get_file_description("$current_dir/$filename", $comment_max_caracters);
if ($validation_enabled && $filestatus == UNVALIDATED && !$grants[$user_status][VALIDATE])
{
place_header($mess[111]);
show_Contents();
break;
}



$size = filesize("$current_dir/$filename");
$daily_size = get_daydownload();
if (($max_daily_download_mb > 0) && (($size + $daily_size) > ($max_daily_download_mb * 1024 * 1024)))
{
place_header($mess[212]);
show_Contents();
break;
}


$monthly_size = get_monthdownload();
if (($max_monthly_download_mb > 0) && (($size+$monthly_size) > ($max_monthly_download_mb * 1024 * 1024)))
{
place_header($mess[213]);
show_Contents();
break;
}
increasefiledownloadcount("$current_dir/$filename");
increasebytecountdl("$destination/$userfile_name");
if (($user_status != ANONYMOUS) && ($logged_user_name != ''))  // Update user statistics
{
list($files_uploaded, $files_downloaded, $files_emailed) = load_userstat($logged_user_name);
$files_downloaded++;
save_userstat($logged_user_name, $files_uploaded, $files_downloaded, $files_emailed, time());
}


header("Content-Type: application/force-download; name=\"$filename\"");
header("Content-Transfer-Encoding: binary");
header("Content-Length: $size");
header("Content-Disposition: attachment; filename=\"$filename\"");
header("Expires: 0");
header("Cache-Control: no-cache, must-revalidate");
header("Pragma: no-cache");

// Decrypt file if encryption enabled
if ($encrypt_filecontent)
{ decrypt_file("$current_dir/$filename", true); }
else
{ readfile_chunked("$current_dir/$filename"); }


exit;
break;

This topic has been moved to Third Party PHP Scripts.

http://www.phpfreaks.com/forums/index.php?topic=313491.0

A while back, I was showed how to authenticate to PostgreSQL using peer authentication over a socket for applications where PHP, FPM, and PostgreSQL are all on the same machine.  All works.

I could use native PHP as shown and it returns results without errors so I know that PHP, FPM, and PostgreSQL is setup correctly to establish a connection using peer authentication without a PostgreSQL username or password.

$pdo = new PDO("pgsql:dbname=testing");
$rs = $pdo->query('SELECT * FROM company')->fetchAll();

I could also use Doctrine but not Symfony and get results without errors so I know that Doctrine is capable of establishing a connection using peer authentication without a PostgreSQL username or password.

$pdo = EntityManager::create(['driver' => 'pdo_pgsql','dbname' => 'testing'], Setup::createAnnotationMetadataConfiguration([__DIR__."/../src"], true, null, null, false))->getConnection();
$rs = $pdo->query('SELECT * FROM company')->fetchAll();

Now I am trying to do the same but when using Symfony.  I expected I could just edit config/packages/doctrine.yaml as follows, however, it results in An exception occurred in driver: SQLSTATE[08006] [7] fe_sendauth: no password supplied

doctrine:
    dbal:
        driver: pdo_pgsql
        dbname: testing
        server_version: 13

Any thoughts how to do this?  Thank you

I've just done a Contact Me form.

Once a message has been sent, I'd like to direct the user to a new page saying 'thanks for getting in touch', just so it's clear the message has been sent.

What's the best function to use for that? I tried require("message.php") and include() but the two files got mixed up and all I got was a mess!

Thanks in advance for any help

I've got a page that allows users to upload a file (pdf, jpg, gif png). The user must be logged in in order to upload something. I have a query that checks if the user has already uploaded a file with the same name as the name of the file they are trying to upload.
If they have not uploaded the file yet, the file uploads and they get a "Success" message. If the file has already been uploaded by the user, they will get the message, "You have already uploaded that file".
When the query goes through, the message that shows is, "You have already uploaded that file". I ensured the file was not already in the database, and it still shows this error. I tried changing the if statement to say:

if ($duplicate==0)

instead of:

if ($duplicate!=0)

but it always shows the same error. Any ideas of what could be wrong with my code?

my sql table looks like:

Field     Type      Null     
id    int(11)    No          
userid    int(11)    No          
artist    varchar(50)    No          
title    varchar(50)    No          
file    varchar(2083)    No          
uploaded    varchar(3)    No          

Code:

<?php
session_start();

if (isset($_SESSION['username'])){

$username = $_SESSION['username'];
$submit = $_POST['submit'];

include_once('inc/connect.php');

$uploadsql = mysql_query("SELECT * FROM `users` WHERE `username`='$username'"); 
$uploadrow = mysql_fetch_assoc($uploadsql); 

$userid = $uploadrow['id']; 
$folder = "sheets/fromusers/";

if (isset($submit)){

// Name of file
$name = $_FILES["location"]["name"];
// Type of file (video/avi) or image/jpg, etc
$type = $_FILES["location"]["type"];
//size of file
$size = $_FILES["location"]["size"];
//stores file in a temporary location
$temp = $_FILES["location"]["tmp_name"];
// if there is an error
$error = $_FILES["location"]["error"];

$artist = strtolower($_POST['artist']);
$title = strtolower($_POST['title']);

// Check if fields are filled in
if($artist&&$title){

if ($error > 0)
{
$sheeterror = "<div id='messageerror'>An error occured. Please try again.</div>";
}
else
{

// Determine the extension of the file
// If file is This File.pdf
// Then $ext is now equal to pdf

$ext = strtolower(substr($name, strrpos($name, '.') + 1)); 

if ($ext=="pdf" || $ext=="gif" || $ext=="jpeg" || $ext=="jpg" || $ext=="png")
{
if ($size <= 26214400) // If size <= 25 megabytes
{
$duplicatecheck = mysql_query("SELECT file FROM upload WHERE id='$userid'");
$duplicate = mysql_num_rows($duplicatecheck);

if ($duplicate!=0){
$sheeterror = "<div id='messageerror'>You have already uploaded this file!</div>";

}
else{
$sheetquery = mysql_query("INSERT INTO upload VALUES ('','$userid','$artist','$title','$name','no')");

move_uploaded_file($temp, $folder.$name);

$success = "<div id='messagesuccess'>Upload Complete!</div><div align='center'>".ucwords($artist)." - ".ucwords($title)."</div>";
}

}
else{
$sheeterror = "<div id='messageerror'>Your sheet must be less than 25 megabytes.</div>";
}
}
else
{
$sheeterror = "<div id='messageerror'>".ucfirst($ext)." files are not allowed!</div>";

}
}
}
else{
$sheeterror = "<div id='messageerror'>Fill In All Fields</div>";
}
}
}
else{
$sheeterror = "<div id='messageerror'>You must be logged in to add sheets!</div>";
}

?>

 <html>
 <head>
 <title>Add Sheet</title>
 <style>
 #container{
width: 350px;
height: 150px;
margin-left: auto;
margin-right: auto; 
background-color: #cccccc;
 }
  
 #formhold{
width: 300px;
text-align: right;
margin-right: auto; 
 }
 #messagesuccess{
background-color: #66CD00; 
width: 350px; 
margin-left: auto; 
margin-right: auto;
 }
  #messageerror{
background-color: #ff2211; 
width: 350px; 
margin-left: auto; 
margin-right: auto;
 }
 </style>
 </head>
 <body OnLoad="document.newsheet.artist.focus();">
<?php
include_once('inc/nav.php');
?>
 <center>
 <h1>Add Sheet</h1>
 <br />
 <div id="container">
 <br />
 <div id="formhold">
 <form action="addsheet.php" method="post" name="newsheet" enctype="multipart/form-data">
Artist: <input type="text" name="artist" size="30"><br />
Title: <input type="text" name="title" size="30"><br />
Sheet: <input type="file" name="location" size="17"><br />
 </div>
<center><input type="submit" name="submit" value="Submit"></center>
 </form>
 

 </div>
 <div id="bottomcont">
 <?php echo $success, $sheeterror; ?>
 </div>
 </center>
 </body>
 </html>

Hello everybody,

This is my first post here and I am beginner in PHP world in terms of writing the code to serve my own purposes.

Well I am building a web app and basically it's a calendar which pulls information from .js file. Now I have thinking for the past couple of days how can I accomplish that each user that registers on the site manipulates its own .js file because information from .js file will be shown on calendar.

Let me tell you how it's currently set up:

1. JavaScript file with particular static name is called under the script that is placed on index.php and the data is displayed on the page itself.

So I would love to have is set it up like this:

1. Index page contains login form - Each registered/logged in user will have its own session
2. User registers and based on username/email new .js file is created out of a blank template and it is named based on user's username
3. user is then redirected to the calendar index which contains javascript that cals out that appropriate .js file based on the what user is logged in and displays data to the calendar

I am not sure if that is doable with PHP or not but that's my thinking how it can be done if it's doable. I am open for any kind of suggestions how all this can be put together and if you do have better ideas I would love to hear from you.

I would like to be able to add a yes/no to a field in a 'user' database when a logged in user clicks on a link to download a file.
The site I have built stores docs and applications. and my client would like to know which user has downloaded a certain application (clicked on a button to 'download' and installer file.
Is this possible?

i have my upload process working that uploads documents to the server and then displays in onto the user page like this:

<?php 
						function find_all_files($dir) 
						{ 
    							$root = scandir($dir); 
    							foreach($root as $value) 
    							{ 
    				    				if($value === '.' || $value === '..') {continue;} 
        							if(is_file("$dir/$value")) {$result[]="$dir/$value";
        							continue;
        							} 
        							foreach(find_all_files("$dir/$value") as $value) 
        							{ 
           							 $result[]=$value; 
       								 } 
	   					 	} 
  					 		 return $result; 
						} 
							$fileupload = 'fileupload';
							$getem = find_all_files($fileupload);
							foreach($getem as $key => $value)
							{
								echo '<a href="'.$value.'">'.$value.'</a><br />';
							}
						?>
						
						
						
						<?php
						if($handle = opendir('members/')) {
						while (false !== ($entry = readdir($handle))) {
							if($entry != "." && $enrty != "..") {
							echo "<a href='download.php?file=".$entry."'>".$entry."</a>\n";
							}
							}
							closedir($handle);
							}
							?>

here they can download the files to their computer however is there a way to only display the file of the user that is logged in through their session?