it should not do that. Are you on *nix? try not editing the script so much, try it like i gave it to you except remove the array to test a file to download. Just to verify that the script works for you.
cheers, - Sebastian ----- Original Message ----- From: "Mishari" <[EMAIL PROTECTED]> To: "Sebastian" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]> Sent: Monday, June 16, 2003 9:45 AM Subject: Re: [PHP] Please I need help it's very Urgent (Prevent un-authorized users to download document) | Dear Sebastian, | | I almost follow your steps, but I got one problem | actully a big one,it tries to downlaod the php site | not the document it self: | | I havn't got your point when you said " you can | download a file by file.php?file=a_file.zip " | | | I did the following: | | // I alredy checked the username and password | if ($row = mysql_fetch_array($result)) { | | $path = 'documen/data'; | header("Content-type: application/octet-stream\n"); | header("Content-disposition: attachment; | filename=\"" .$_REQUEST['happy.zip'] . "\"\n"); | header("Content-transfer-encoding: binary\n"); | header("Content-length: " . filesize($path . | $_REQUEST['happy.zip']) ."\n"); | | $fp = fopen($path . $_REQUEST['happy.zip'], "r"); | fpassthru($fp); | | //die(); | } | ?> | | | | --- Sebastian <[EMAIL PROTECTED]> wrote: | > Hi. | > | > See if this helps you get started. I assume each | > user has an ID. If so all | > you have to do is make a query above $userid that | > fetches the user ID of the | > user that is auth to download.. Also, edit the $path | > to the location of the | > files, you can download a file by | > file.php?file=a_file.zip -- he/she wont be | > able to tell were the actual URL to the file is. you | > can also edit echo | > "please login."; to something like a redirect to a | > login page, etc.. | > | > | > <?php | > error_reporting(E_ALL); | > | > $path = '/home/user/files/'; | > $userid = array(1,2,3); //which IDs can access files | > | > if ( empty($_REQUEST['file']) || | > !preg_match("/^[a-zA-Z_0-9]+.+[a-zA-Z0-9]+$/", | > $_REQUEST['file']) ) { | > die('Not a valid URL.'); | > } | > | > if (!in_array($userid) ) { | > echo "please login."; | > die(); | > } | > header("Content-type: application/octet-stream\n"); | > header("Content-disposition: attachment; | > filename=\"" . $_REQUEST['file'] . | > "\"\n"); | > header("Content-transfer-encoding: binary\n"); | > header("Content-length: " . filesize($path . | > $_REQUEST['file']) . "\n"); | > | > $fp = fopen($path . $_REQUEST['file'], "r"); | > | > fpassthru($fp); | > die(); | > ?> | > | > ----- Original Message ----- | > From: "Mishari" <[EMAIL PROTECTED]> | > To: <[EMAIL PROTECTED]> | > Sent: Monday, June 16, 2003 2:30 AM | > Subject: [PHP] Please I need help it's very Urgent | > (Prevent un-authorized | > users to download document) | > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php