Author |
Message |
BDwinsAlt Agurus's Posse
Age:33 Gender: Joined: Jun 16 2003 Posts: 1145 Location: Alabama Offline
|
|
Back to top |
|
|
Cerium Server Help Squatter
Age:41 Gender: Joined: Mar 05 2005 Posts: 807 Location: I will stab you. Offline
|
Posted: Sat Feb 24, 2007 3:18 am Post subject: |
|
|
|
|
What you would want to do is manually send the response headers with the content of the file you want to send...
This is an example ripped directly from my php-based playlist builder, so you may want to change a few of the values based on the type of file you'll be sending...
header("Cache-Control: must-revalidate, post-check=0, pre-check=0");
header("Content-Description: File Transfer");
header("Content-Type: application/vnd.ms-wpl");
header("Content-Length: " . filesize($strFile));
header("Content-Disposition: attachment; filename=\"playlist.wpl\"");
|
At this point, you just dump the file contents directly to the output stream (via print/echo/etc).
print(file_get_contents($strFile)); |
And viola. The user never sees the actual location of the file (and thus, does not need direct access to it) and you can authenticate the user prior to sending. _________________ There are 7 user(s) ignoring me right now. |
|
Back to top |
|
|
Mine GO BOOM Hunch Hunch What What
Age:40 Gender: Joined: Aug 01 2002 Posts: 3614 Location: Las Vegas Offline
|
Posted: Sat Feb 24, 2007 6:07 am Post subject: |
|
|
|
|
Please note that the above method is generally a huge cause for security concern. People will attempt to send '..' and '/' into your script to try and load /etc/passwd or other critical files. Generally the best way to prevent this is to have a database so the user sends an ID of the file, which your script looks up and links to the correct file. |
|
Back to top |
|
|
BDwinsAlt Agurus's Posse
Age:33 Gender: Joined: Jun 16 2003 Posts: 1145 Location: Alabama Offline
|
Posted: Sat Feb 24, 2007 11:54 am Post subject: |
|
|
|
|
Oh ok. I see what you're saying. Thanks SO much. You guys rock.
EDIT: The only thing is after this is sent it won't display my echos and stuff. How might I fix that? |
|
Back to top |
|
|
Solo Ace Yeah, I'm in touch with reality...we correspond from time to time.
Age:36 Gender: Joined: Feb 06 2004 Posts: 2583 Location: The Netherlands Offline
|
|
Back to top |
|
|
BDwinsAlt Agurus's Posse
Age:33 Gender: Joined: Jun 16 2003 Posts: 1145 Location: Alabama Offline
|
Posted: Sat Feb 24, 2007 1:58 pm Post subject: |
|
|
|
|
Ohhhhh thanks solo. I've never really worked too much with headers. |
|
Back to top |
|
|
Solo Ace Yeah, I'm in touch with reality...we correspond from time to time.
Age:36 Gender: Joined: Feb 06 2004 Posts: 2583 Location: The Netherlands Offline
|
Posted: Sat Feb 24, 2007 2:14 pm Post subject: |
|
|
|
|
The headers tell the browser what kind of data it's supposed to expect. It's like "I'm going to send you a x-type file".
The browser expects everything after the full header to be the content of that file.
So, if you're going to echo stuff to the browser, the browser will interpret that as content of that file.
It's up to the browser if it wants to/can display the contents of the file. |
|
Back to top |
|
|
marky Guest
Offline
|
Posted: Wed Jul 25, 2007 3:30 am Post subject: changing password by user |
|
|
|
|
how to allow to user to change his password ang login? is it possible in this code? |
|
Back to top |
|
|
BDwinsAlt Agurus's Posse
Age:33 Gender: Joined: Jun 16 2003 Posts: 1145 Location: Alabama Offline
|
Posted: Wed Jul 25, 2007 5:46 pm Post subject: |
|
|
|
|
I made the script use mysql for authentication. Google it and you can add it. |
|
Back to top |
|
|
CypherJF I gargle nitroglycerin
Gender: Joined: Aug 14 2003 Posts: 2582 Location: USA Offline
|
Posted: Wed Jul 25, 2007 7:17 pm Post subject: |
|
|
|
|
I'm disappointed, you used the echo quote, quote syntax:
You should use single quotes if there is no reason for back-replacement in the string. It also makes your life easier for including HTML, which can allow for valid website markup. _________________ Performance is often the art of cheating carefully. - James Gosling |
|
Back to top |
|
|
|