Do you have a question? Post it now! No Registration Necessary. Now with pictures!
October 17, 2005, 6:08 am
rate this thread
I need to provide a button to download a file from my server. However, I
would like to hide the location of that file and am not sure how to do
this securely with PHP. For example, the user clicks on the "Download
file" button but gets a link such as download.php which then starts the
download process but never shows the path to that file (not from 'view
source' or in the URL line at the top).
Any help would be most appreciated.
Re: Hiding download link
Why is it you need to hide the link? Is this some attempt to let
only logged-in users access the file?
One approach is to make sure that the *is no* path which the web
server will serve (the file is kept outside the document tree).
Consider a .php file which does:
(a) any login or security checking needed to see if the user
gets access to the file.
(b) Outputs a Content-type: header appropriate for the file.
(and maybe other headers suggesting a file name).
(c) Opens the file (in its out-of-document-tree location) and
calls fpassthru() to send it to the browser.
Gordon L. Burditt