Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Westi on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

fetch file to download...

Status
Not open for further replies.
deemarcus

deemarcus

Programmer
Aug 18, 2005
21
GB
Hi, i am currently using the following <a href=\"$file_location$value\">$value</a> to allow a user to download a file which is in an .htaccess passworded directory.



If the user selects the file he/she will be prompted to enter a username and password (the same applies if he / she tries to access the file directly. If i am not logged in i can get my php code to browse the directories and files, can i get it also to get the file and prompt to download it.

Meaning the only way to get to the file is by accessing my web page?

hope this makes scence!
 
Sort by date Sort by votes
I have found that as a good general rule your application should do exactly one of the following:[ul][li]use .htaccess and let Apache handle all authentication[/li][li]let all authentication, and thus all downloads, be handled by PHP[/li][/ul]

It sounds to me like you're trying to hybridize.


Want the best answers? Ask the best questions!

TANSTAAFL!!
 
Upvote 0 Downvote
Thanks for replying, whats the best was to get users to log in with usernames / passwords kept in mysql database and using .htacess for directlry security?

regards.
 
Upvote 0 Downvote
Again, why are you hybridizing? Just put PHP in charge of all authentication, including file downloads.


I suppose you could output the correct headers from within PHP to make the browser display the login dialog to the user, then capture that data. Anything that PHP doesn't capture would be passed to Apache. I suppose as long as all userids/passwords were syncronized between the two, everyting could work. It'd be awfully clunky, though.


Want the best answers? Ask the best questions!

TANSTAAFL!!
 
Upvote 0 Downvote
Use mod_auth_mysql. It's the only way that I can think of to have Apache's basic authentication use a Mysql password DB.

If you're having PHP perform authentication and deliver the file, then you don't need .htaccess at all- just put the file directory outside of the web root and Apache won't be able to access the file at all. PHP still can, since it has access to the filesystem.
 
Upvote 0 Downvote
lgarner, thanks for replying. I put the directory outside the web root which worked fine, i could browse the directory etc... but i have problems selecting the file to download as it is a hyperlink... maybe this is the correct way to do it... if i post my php code you can see what i mean...... if i can get select the file to download then this will solve all my problems...


<?php
// false - don't allow switching to the parent-directory of this script
// true - allow simple switching to the parent-directory (via 'href')

$allow_parent = "false";

//configuration ends here---------------------------------------------------------------------------------------------------------------------------

//=======================================================================================
$path=$_GET["path"];
$SCRIPT_NAME=getenv("SCRIPT_NAME");
//put directory content in arrays-----------------------------------------------------------------------------------------------------------------
// if (!isset($path)) { $path = "./"; }
if (!isset($path)) { $path = "/home/websys/webs/test.websys.co.uk/files/standard/reports/"; }
if (!file_exists($path)) { echo "<h2>File not found!</h2>"; exit; }
if (strstr($path,"..")) { echo "<h2>invalid path!</h2>"; exit; }
// $base_dir = getcwd();
$base_dir = "/home/websys/webs/test.websys.co.uk/files/standard/reports";
chdir($path);
$current_dir = getcwd();
$directory = dir("./");
$directories_array = array();
$files_array = array();
while ($file = $directory->read()) {
if (is_dir($file) AND $file != ".") { $directories_array[] = $file; }
if (is_file($file)) { $files_array[] = $file; }
}
$directory->close();
//sort and output the arrays-----------------------------------------------------------------------------------------------------------------------
$file_location = "files/standard/reports/".basename($current_dir)."/";
echo "<P class='tableheading'>Directory listing for ".basename($current_dir)."</P>";
echo "<table width='100%'>";
echo "<tr class='tableheading'><td width='250'><div align='left'>Name</div></td><td width='50'><div align='left'>Size</div></td><td width='50'><div align='left'>Date</div></td></tr>";
sort($directories_array);
foreach($directories_array as $value) {
if ($value=="..") { $new_path=strrev(substr(strstr(substr(strstr(strrev($path),"/"),1),"/"),1)); }
else { $new_path=$path.$value; }
if (($value != "..") OR ($base_dir != $current_dir)) {
echo "<tr><td><a href=\"$SCRIPT_NAME?path=".urlencode($new_path."/")."\">$value</a><b>/</b></td><td></td><td>".gmdate("d M Y H:i",filemtime($value))."</td></tr>";
}
elseif ($allow_parent == "true") {
echo "<tr><td><a href=\"$value\">$value</a><b>/</b></td><td></td><td>".gmdate("d M Y H:i",filemtime($value))."</td></tr>"; }
}
sort($files_array);
foreach($files_array as $value) {
if($value != basename($SCRIPT_NAME) or $path!="./") {
$filesize=filesize($value);
if ($filesize > 1073741823) { $filesize = sprintf("%.1f",($filesize/1073741824))." GB"; }
elseif ($filesize > 1048575) { $filesize = sprintf("%.1f",($filesize/1048576))." MB"; }
elseif ($filesize > 1023) { $filesize = sprintf("%.1f",($filesize/1024))." kB"; }
else { $filesize = $filesize." byte"; }
//echo "<tr><td><a href=\"$path$value\">$value</a></td><td>$filesize</td><td>".gmdate("d M Y H:i",filemtime($value))."</td></tr>";
echo "<tr><td><a href=\"$file_location$value\">$value</a></td><td>$filesize</td><td>".gmdate("d M Y H:i",filemtime($value))."</td></tr>";

}
}
echo "</table>";
?>

kindest regards,

dee
 
Upvote 0 Downvote
You missed my point. PHP must handle the file delivery in this case because Apache does not have access to files outside of the webroot

If you must have a simple hyperlink, then I'd do it one of two ways:
1. Follow sleipnir's suggestion and have your web app pass the basic authentication credentials. Try for a start.
2. Use basic authentication only]/i] and have your web app use that username.
 
Upvote 0 Downvote
Oh pants! i was hoping that i could replace the href to the file with a getfile() function or somthing. How can i browse folders / directories out side the web tree but not select them to download? Im a little confused.


Dee
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

SashaBuilder3
  • Locked
  • Question
import CSV file into MySql table in PhpMyAdmin
Replies
0
Views
438
SashaBuilder3
SashaBuilder3
R
  • Locked
  • Question
How Can I Use MySQL To Send Data To An Email
Replies
1
Views
362
Chris Miller
Chris Miller
P
  • Locked
  • Question
JPgraph - How to stop a line graph from dropping to zero?
Replies
2
Views
429
Chris Miller
Chris Miller
W
  • Question
how to send checked row data in php
Replies
0
Views
119
wiltang2004
W
rogerte
  • Locked
  • Question
How to parse associative array
Replies
13
Views
1K
Chris Miller
Chris Miller

Part and Inventory Search

Sponsor

Back
Top