Skip to content

Instantly share code, notes, and snippets.

@finalwebsites

finalwebsites/download-example.php

Last active December 21, 2022 01:26
Show Gist options
  • Star 2 You must be signed in to star a gist
  • Fork 1 You must be signed in to fork a gist
  • Save finalwebsites/be5f1dc1dd65f2bd8645e0495fb51896 to your computer and use it in GitHub Desktop.
Save finalwebsites/be5f1dc1dd65f2bd8645e0495fb51896 to your computer and use it in GitHub Desktop.
Download ZIP
PHP download file script code example
Raw
download-example.php
<?php
echo '
<a href="http://mydomain.com/download.php?download_file=some_file.pdf">PHP download file</a>';
Raw
download-mysql-example.php
<?php
$secret = 'Add some secret strinhg here...';
$file_id = 123; // or something else you got from your MySQL database
$slug = md5($file_id.$secret);
echo '
<a href="http://mydomain.com/dowload.php?fid='.$slug.'">PHP download file via MySQL</a>';
Raw
download-mysql.php
<?php
ignore_user_abort(true);
set_time_limit(0);
$path = "/absolute_path_to_your_files/";
$secret = 'your-secret-string';
if (isset($_GET['fid']) && preg_match('/^([a-f0-9]{32})$/', $_GET['fid'])) {
$db = new mysqli('localhost', 'username', 'password', 'databasename');
$result = $db->query(sprintf("SELECT filename FROM mytable WHERE MD5(CONCAT(ID, '%s')) = '%s'", $secret, $db->real_escape_string($_GET['fid'])));
if ($result->num_rows == 1) {
$obj = $result->fetch_object();
$fullPath = $path.$obj->filename;
if ($fd = fopen ($fullPath, "r")) {
//
// Place here the other PHP download code
//
}
fclose ($fd);
exit;
} else {
die('no match');
}
} else {
die('missing file ID');
}
Raw
download.php
<?php
ignore_user_abort(true);
set_time_limit(0); // disable the time limit for this script
$path = "/absolute_path_to_your_files/"; // change the path to fit your websites document structure
$dl_file = preg_replace("([^\w\s\d\-_~,;:\[\]\(\).]|[\.]{2,})", '', $_GET['download_file']); // simple file name validation
$dl_file = filter_var($dl_file, FILTER_SANITIZE_URL); // Remove (more) invalid characters
$fullPath = $path.$dl_file;
if ($fd = fopen ($fullPath, "r")) {
$fsize = filesize($fullPath);
$path_parts = pathinfo($fullPath);
$ext = strtolower($path_parts["extension"]);
switch ($ext) {
case "pdf":
header("Content-type: application/pdf");
header("Content-Disposition: attachment; filename=\"".$path_parts["basename"]."\""); // use 'attachment' to force a file download
break;
// add here more headers if you use other content types
default;
header("Content-type: application/octet-stream");
header("Content-Disposition: filename=\"".$path_parts["basename"]."\"");
break;
}
header("Content-length: $fsize");
header("Cache-control: private"); //use this to open files directly
while(!feof($fd)) {
$buffer = fread($fd, 2048);
echo $buffer;
}
}
fclose ($fd);
exit;
@dapovoa
Copy link

dapovoa commented Feb 28, 2020

Doesn't work

@finalwebsites
Copy link
Author

Doesn't work

It's basic code and should work for most of us. Any error's in you log files?

@solihr
Copy link

solihr commented Feb 17, 2021

can we use it for Dropbox link?

@finalwebsites
Copy link
Author

can we use it for Dropbox link?

Sure, if you use the Dropbox API. This code is only for sending a file to the browser, nothing else ;)

@solihr
Copy link

solihr commented Feb 22, 2021

i created download.php and put/replace the Dropbox link at this line -> $path = "/absolute path_to_your_files/"; but returns 404 page

@finalwebsites
Copy link
Author

This is not how it works, this snippet is for files you process on your own server.
What you try is not possible with that script.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment