Over a million developers have joined DZone.
{{announcement.body}}
{{announcement.title}}

PHP Force Download - Keep Up With What's Going Down

DZone's Guide to

PHP Force Download - Keep Up With What's Going Down

· Web Dev Zone ·
Free Resource

Jumpstart your Angular applications with Indigo.Design, a unified platform for visual design, UX prototyping, code generation, and app development.

A force-download script can give you more control over a file download than you would have providing a direct link. Using a force-download script, you can:

  • Validate that a person is logged in
  • Increment a counter in a text file
  • Connect to your database and log IP information, increment a counter, and record who downloaded the file.

The Code

// grab the requested file's name
$file_name = $_GET['file'];

// make sure it's a file before doing anything!
if(is_file($file_name))
{

	/*
		Do any processing you'd like here:
		1.  Increment a counter
		2.  Do something with the DB
		3.  Check user permissions
		4.  Anything you want!
	*/

	// required for IE
	if(ini_get('zlib.output_compression')) { ini_set('zlib.output_compression', 'Off');	}

	// get the file mime type using the file extension
	switch(strtolower(substr(strrchr($file_name,'.'),1)))
	{
		case 'pdf': $mime = 'application/pdf'; break;
		case 'zip': $mime = 'application/zip'; break;
		case 'jpeg':
		case 'jpg': $mime = 'image/jpg'; break;
		default: $mime = 'application/force-download';
	}
	header('Pragma: public'); 	// required
	header('Expires: 0');		// no cache
	header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
	header('Cache-Control: private',false);
	header('Content-Type: '.$mime);
	header('Content-Disposition: attachment; filename="'.basename($file_name).'"');
	header('Content-Transfer-Encoding: binary');
	header('Content-Length: '.filesize($file_name));	// provide file size
	readfile($file_name);		// push it out
	exit();

}

This file alone isn't secure. You will want to validate that the file doesn't provide access to your website code, files you don't want downloaded, and so on. That code will be specific to your website and needs.

Do you use a force-download script? What processing do you do inside the script?

Take a look at an Indigo.Design sample application to learn more about how apps are created with design to code software.

Topics:

Opinions expressed by DZone contributors are their own.

{{ parent.title || parent.header.title}}

{{ parent.tldr }}

{{ parent.urlSource.name }}