download script 1

[gchen]

Hi,

i am working on a download script (PERL) and i encountered a problem where i try to do two things -

after visitors entered their name, email address, the srcipt supposes to 1) echo a thankyou page and 2) let the visitor to download the file.

what i did in my script is like this...

...
print "thank you!\n\n";
print "Location: $download/$file";
...

but i got --

thank you

Location: the/actual/value/of/the/file

and this is not what i want.

Can someone help?

thanks a lot!

Gary

 

[Rieekan]

Your results are due to the printing of text information before the header you're looking to send. If you'd like to show a thank you page before the file can be downloaded, and you don't care whether the user can see the URL for the file itself, try the following:

[ul]
[li]Once the user's information has been entered, send them to the Thank You page preferrably as a Perl script[/li]
[li]Within the Thank You page, have a Meta tag to refresh the page after X seconds. This will rerequest the Perl script and by checking to see if $ENV{HTTP_REFERER} is set to the script's name, you can then send your location header to download the file.[/li]
[/ul]

Just one way to do it of course.

- Rieekan

 

[gchen]

Hi Rieekan,

Thank you for the suggestion. I don't want to reveal the url where the download file is. So i would like to use "location:". but i cannot let apache to act these two actions at the same time or one after the other. when it prints the thank you page, it won't to the location thing, instead it just print it. i guess i must miss something.

gary

 

[Rieekan]

Upon closer inspection (and something to eat this morning) the suggestion I gave to you will hide the actual location of the file the user is to download. To the user, they're just going to the Thank you Page.

- Rieekan

 

[gchen]

Hi Rieekan,

I am sorry, the url is visible. if you do a "view source", it's right there.

How can i use location: from PERL with a page displayed at the same time, do you have any clue?

thanks!

Gary

 

[Rieekan]

No, you're refresh is going to call the Perl script again which checks to see if the referer that called it was itself. Something like this:

#usr/bin/perl

use strict;

if (!($ENV{HTTP_REFERER} =~ /thisscript.pl/))
{
    print header;
    print <<HTML
<html>
<head>
<meta http-equiv="refresh" content="5;./thisscript.pl?file=file.ext" />
</head>
<body>
Thank you!  Your download will begin shortly.
</body>
</html>

HTML

exit;
}

elsif ($ENV{HTTP_REFERER} =~ /thisscript.pl/)
{
    print "Content-Disposition: attachment\n\n";
    #open file in Perl and pass to STDOUT
}

This of course is not tested or probably complete code, but you get the idea.

- Rieekan

 

[gchen]

Hi Rieekan,

Once again, Thanks for the quick response.

I guess i did not make myself clear. The problem is not the PERL script. It is how can i hide the url of the download file. The script takes some input from people how wants to download the digital file, then point to the file and pops up a "save as" box.

the code <meta http-equiv="refresh"... > is visible with a right click and "view source". so it is not safe. I know perl's location: can bring up browser's "save as" without revealing the url. So i want to use it.

But when i put the code ...

print "Location: to/my/file";

below the code ...

print "Content-type: text/html\n\n";

it simply got print on the screen as ...

Location: to/my/file

whereas if i did not have print "Content-type: text/html\n\n"; prior to this Location: thing, it works. But then i do not have a chance to write something on the screen such as a thank you page.

so, what i am trying to figure out is how to put ...

print "Location: to/my/file"; to work within a thank you page.

Thanks a million!

Gary

 

[Rieekan]

Your question was pretty clear and my responses were to just point you in the right direction for a solution that meets your needs. By adding in server side sessions, a key / value pair for the file, placing the actual files outside of the web environment so the users cannot key to them directly, you will meet your goal.

- Rieekan

 

[siberian]

Use a meta-refresh tag.

I also answered this here :

thread181-27567

Either send teh file without a page, send the page with a link embedded or send the page with a meta-redirect and 0 refresh.

 

[rob51383]

This way they will never see the path to the file, and the page will never change when they click the "Download File" link.

Make this the download link

<a href="[URL unfurl="true"]http://www.you.com/cgi-bin/download.cgi">Download[/URL] File</a>

This is download.cgi

#!/usr/bin/perl
use CGI;

my $GET = new CGI;

print $GET->redirect(-url => "[URL unfurl="true"]http://www.you.com/thefile.zip");[/URL]

 

[rob51383]

By the way, the "Download File" link will have to be on the thank you page. So it will look like this:

<html>

 <head>
  <title>Thank you Page</title>
 </head>

 <body topmargin="0" leftmargin="0">

Thank you for downloading the file <br>
<a href="[URL unfurl="true"]http://www.you.com/cgi-bin/download.cgi">Click[/URL] Here To Download The File</a>

 </body>
</html>

 

[gchen]

i got a server error 500 for download.cgi

when i exec it from unix commend line, perl download.cgi
i got "Status: 302 Moved" then the Location:... which is exactly what i want. but why i got status 302 and 500 server error?

any clue? thanks a lot!

Gary

 

[rob51383]

Because you have:

print "Content-type: text/html\n\n";

or something like it. If you are re-directing the page there is no text/html so it gives an error. If you dont have that paste your code and I will look at it.

 

[gchen]

i did exactly what you mentioned -

1. create a download.cgi with exactly the code as you said just point to my download file though.
2. run it from command line then i got "Status: 302 Moved".
3. if i call it from browser, i then got server error 500 and "Error message:
Premature end of script headers: download.cgi"

thanks for the help!!!!

gary

 

[rob51383]

There is something wrong elsewhere in your script. This works perfectly. Check out:

http://www.allthingsfamous.com/download.html

I created an example.

 

[gchen]

well, i think it might be a server problem or perl version or cgi module issue. i just copy your code once again, the code from your working script. then i ran it at my server and the result was the same, "Status: 302 Moved".

what's needed to run this script?

mine perl is 5.8.0.

 

[rob51383]

Mine is 5.8.4 but it should work with versions much prior to that. Did you try creating a completely blank page with nothing but the script similar to mine? My only guess is that there is something somewhere else interfearing with it.

It is possible (very unlikely) that you don't have the CGI.pm module.

Just in case (I forget the stupid things sometimes too)
1. CHMOD to 755
2. Upload to server in ASCII

Whats the page your running the script on, I will check it out.

 

[rob51383]

Another thing...Check that your shebang line is the same as mine. Mine is "#!/usr/bin/perl", yours might be different. If this is not correct it will give the 500 error.

 

[gchen]

hi!

what a terrible mistake i have made...! it was 644 only. now it works like a champ after chmod 755.

great! i finally got my download script working. am going to complete the download script with this final addition to hide my download file.

thanks a million!!!!!