it should not do that. Are you on *nix?
try not editing the script so much, try it like i gave it to you except
remove the array to test a file to download. Just to verify that the script
works for you.
cheers,
- Sebastian
----- Original Message -----
From: "Mishari" <[EMAIL PROTECTED]>
To: "Sebastian" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>
Sent: Monday, June 16, 2003 9:45 AM
Subject: Re: [PHP] Please I need help it's very Urgent (Prevent
un-authorized users to download document)
| Dear Sebastian,
|
| I almost follow your steps, but I got one problem
| actully a big one,it tries to downlaod the php site
| not the document it self:
|
| I havn't got your point when you said " you can
| download a file by file.php?file=a_file.zip "
|
|
| I did the following:
|
| // I alredy checked the username and password
| if ($row = mysql_fetch_array($result)) {
|
| $path = 'documen/data';
| header("Content-type: application/octet-stream\n");
| header("Content-disposition: attachment;
| filename=\"" .$_REQUEST['happy.zip'] . "\"\n");
| header("Content-transfer-encoding: binary\n");
| header("Content-length: " . filesize($path .
| $_REQUEST['happy.zip']) ."\n");
|
| $fp = fopen($path . $_REQUEST['happy.zip'], "r");
| fpassthru($fp);
|
| //die();
| }
| ?>
|
|
|
| --- Sebastian <[EMAIL PROTECTED]> wrote:
| > Hi.
| >
| > See if this helps you get started. I assume each
| > user has an ID. If so all
| > you have to do is make a query above $userid that
| > fetches the user ID of the
| > user that is auth to download.. Also, edit the $path
| > to the location of the
| > files, you can download a file by
| > file.php?file=a_file.zip -- he/she wont be
| > able to tell were the actual URL to the file is. you
| > can also edit echo
| > "please login."; to something like a redirect to a
| > login page, etc..
| >
| >
| > <?php
| > error_reporting(E_ALL);
| >
| > $path = '/home/user/files/';
| > $userid = array(1,2,3); //which IDs can access files
| >
| > if ( empty($_REQUEST['file']) ||
| > !preg_match("/^[a-zA-Z_0-9]+.+[a-zA-Z0-9]+$/",
| > $_REQUEST['file']) ) {
| > die('Not a valid URL.');
| > }
| >
| > if (!in_array($userid) ) {
| > echo "please login.";
| > die();
| > }
| > header("Content-type: application/octet-stream\n");
| > header("Content-disposition: attachment;
| > filename=\"" . $_REQUEST['file'] .
| > "\"\n");
| > header("Content-transfer-encoding: binary\n");
| > header("Content-length: " . filesize($path .
| > $_REQUEST['file']) . "\n");
| >
| > $fp = fopen($path . $_REQUEST['file'], "r");
| >
| > fpassthru($fp);
| > die();
| > ?>
| >
| > ----- Original Message -----
| > From: "Mishari" <[EMAIL PROTECTED]>
| > To: <[EMAIL PROTECTED]>
| > Sent: Monday, June 16, 2003 2:30 AM
| > Subject: [PHP] Please I need help it's very Urgent
| > (Prevent un-authorized
| > users to download document)
| >
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
