On Fri, 30 Mar 2001 15:10, Randy Johnson wrote:
> Here is the scenario:
>
> I want to let my users download their history of transactions from a
> mysql database. I have that part working...they click a link a csv
> file is created for them to download. now here is my question.
>
> Is there a way to have the file delete after they have downloaded it?
> Also is there a way to have the file download as filename.csv but have
> the actually file that is create named a random name of numbers and
> letters i.e. 2s3d4f5g6h.csv
>
> My concern is to have the file be deleted after download and/or make it
> so no other users could guess the url and download someone else's
> history.
>
> Any Advice is much appreciated.
>
> thanks
>
> randy
Why not create the information and download it on-the-fly? That way no
files are created, no evidence left laying around, etc. I've attached
(for Randy, won't get to the list) something I use to do this with output
as a tab delimited file.
--
David Robley | WEBMASTER & Mail List Admin
RESEARCH CENTRE FOR INJURY STUDIES | http://www.nisu.flinders.edu.au/
AusEinet | http://auseinet.flinders.edu.au/
Flinders University, ADELAIDE, SOUTH AUSTRALIA
<?php
/* This little routine will produce a tab delimited file of the contents of the expertise and people
tables from the injdirect database - that's the one that runs the Directory of Injury Personnel.
The tab delimited file is sent as an application/octetstream file to force saving to file, to be used for
producing some kind of mailout.
We can't use CSV because someone decided to put "s in the data ;-( */
header("Content-disposition: filename=maillist.dat");
header("Content-type: application/octetstream");
header("Pragma: no-cache");
header("Expires: 0");
// doing some DOS-CRLF magic...
$client=getenv("HTTP_USER_AGENT");
if (ereg('[^(]*\((.*)\)[^)]*',$client,$regs)):
$os = $regs[1];
// this looks better under WinX
if (eregi("Win",$os)):
$crlf="\r\n";
else:
$crlf="\n";
endif; /* OS = WIN */
endif; /* ereg $client */
$database = "xxxxxxxxx";
//<Build query here>
$sep="\t";
$result = mysql_db_query($database, $query);
if (mysql_errno() != 0):
echo "ERRNUM: ".mysql_errno()." - ".mysql_error()."\n";
endif;
/* Dump a header line showing field order */
echo "title $sep surname $sep fname $sep position $sep section $sep division $sep orgname $sep mail1 $sep mail2 $sep city $sep ";
echo "state $sep postcode $sep phone $sep mobile $sep fax $sep email $sep exp1 $sep exp2 $sep exp3 $sep exp4 $sep exp5 $sep description";
echo $crlf;
while($row=mysql_fetch_array($result)){
extract($row);
echo stripslashes($title) . $sep;
echo stripslashes($surname) . $sep;
echo stripslashes($fname) . $sep;
echo stripslashes($position) . $sep;
echo stripslashes($section) . $sep;
echo stripslashes($division) . $sep;
echo stripslashes($orgname) . $sep;
echo stripslashes($mail1) . $sep;
echo stripslashes($mail2) . $sep;
echo $city . $sep;
echo $state . $sep;
echo $postcode . $sep;
echo $phone . $sep;
echo $mobile . $sep;
echo $fax . $sep;
echo $email . $sep;
echo $expertise[intval($exp1)] . $sep;
echo $expertise[intval($exp2)] . $sep;
echo $expertise[intval($exp3)] . $sep;
echo $expertise[intval($exp4)] . $sep;
echo $expertise[intval($exp5)] . $sep;
$description = stripslashes($description);
echo str_replace("\n", " ",$description);
echo $crlf;
}
?>
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
