Home > Article > Backend Development > Detailed explanation of file download for PHP application development
This article introduces some codes for using PHP to download files. Friends in need may wish to refer to it.
1, php download function The file download function is implemented with the help of header() function and readfile() function. <?php function DownloadFile($filename) { // Check filename if (empty($filename) || !file_exists($filename)) { return FALSE; } // Create download file name to be displayed to user $saveasname = basename($filename); // Send binary filetype HTTP header header('Content-Type: application/octet-stream'); // Send content-length HTTP header header('Content-Length: '.filesize($filename)); // Send content-disposition with save file name HTTP header header('Content-Disposition: attachment; filename="'.$saveasname.'"'); // Output file readfile($filename); // Done return TRUE; } ?> 2, php file download script A more complete custom function for php download. <?php ////////////////////////////////////////////////////////////////////// // DOWNLOAD.PHP -- Download Utility // Get download file id (assume it's passed as a form or URL parameter) $id = getGlobalVar('id', 1); // Check download file id parameter, get download file name, download file // (assuming (global) variable $id specifies download file id) if (empty($id) || !DownloadFile(getDownloadFileName($id))) { die("No Download!"); } // Only functions beyond this point function getDownloadFilename($fileid) // Get download file pathname // Returns: download file pathname // Parameters: // $fileid : File identifier { // Download file list $DLFILES = array( 'TOOL1' => 'download/tool1_v30.exe', 'PROG2' => 'download/prog2setup.exe', ); // Get/check download file name if (empty($fileid) || empty($DLFILES[$fileid])) { return ''; } // Set base directory to document root directory // (could also be set to a directory outside document root!) $basedir = getGlobalVar('DOCUMENT_ROOT'); // Build and return download file name return $basedir.'/'.$DLFILES[$fileid]; } function DownloadFile($filename) // Download file // Returns: TRUE if download successfully started, FALSE if download failed // Parameters: // $filename : Download file pathname { // Verify filename if (empty($filename) || !file_exists($filename)) { return FALSE; } // Create download file name to be displayed to user $saveasname = basename($filename); // Send binary filetype HTTP header header('Content-Type: application/octet-stream'); // Send content-length HTTP header header('Content-Length: '.filesize($filename)); // Send content-disposition with save file name HTTP header header('Content-Disposition: attachment; filename="'.$saveasname.'"'); // Output file readfile($filename); // Download successfully started return TRUE; } function getGlobalVar($g, $formflag = 0) // Get global PHP variable value // Returns: global variable value or empty string if not available // Parameters: // $g : Global PHP variable name // $formflag : Flag - global var from GET/POST input { if (empty($g)) { return 0; } // Try superglobal access (PHP 4.1.0+) if ($formflag) { if (isset($_POST[$g])) { return $_POST[$g]; } if (isset($_GET[$g])) { return $_GET[$g]; } if (isset($_REQUEST[$g])) { return $_REQUEST[$g]; } } else { if (isset($_SERVER[$g])) { return $_SERVER[$g]; } if (isset($_ENV[$g])) { return $_ENV[$g]; } } // Try superglobal access (PHP 3.0.0+) if (isset($GLOBALS[$g])) { return $GLOBALS[$g]; } // Try global variable access (PHP 3+) global $$g; if (!empty($$g)) { return $$g; } // Assume global variable empty/not set return ''; } ?> Save the above script as dl.php and pass in the id parameter when applying. For example: Download Program 2 It can also be achieved through the redirection statement Location of PHP, for example: <?php header("Location: http://www.YourDomain.com/dl.php?id=PROG2"); exit; ?> The above code can prevent users from directly accessing downloaded files, providing certain file protection and even anti-leeching functions. The following code can be introduced based on the http header information to provide safer file downloading. Code: <?php function DownloadFile($filename) { // Check filename if (empty($filename) || !file_exists($filename)) { return FALSE; } // Create download file name to be displayed to user $saveasname = basename($filename); // Send binary filetype HTTP header header('Content-Type: application/octet-stream'); // Send content-length HTTP header header('Content-Length: '.filesize($filename)); // Send content-disposition with save file name HTTP header // (using workaround for MSIE 5.5 SP1 / MSIE 6.01 bugs/problems) $browser = getGlobalVar('HTTP_USER_AGENT'); if (strstr('MSIE 5.5', $browser) || strstr('MSIE 6.01', $browser)) { header('Content-Disposition: filename="'.$saveasname.'"'); } else { header('Content-Disposition: attachment; filename="'.$saveasname.'"'); } // Send Content-Transfer-Encoding HTTP header // (use binary to prevent files from being encoded/messed up during transfer) header('Content-Transfer-Encoding: binary'); // Output file readfile($filename); // Done return TRUE; } function getGlobalVar($g, $formflag = 0) // Get global PHP variable value // Returns: global variable value or empty string if not available // Parameters: // $g : Global PHP variable name // $formflag : Flag - global var from GET/POST input { if (empty($g)) { return 0; } // Try superglobal access (PHP 4.1.0+) if ($formflag) { if (isset($_GET[$g])) { return $_GET[$g]; } if (isset($_POST[$g])) { return $_POST[$g]; } if (isset($_REQUEST[$g])) { return $_REQUEST[$g]; } } else { if (isset($_SERVER[$g])) { return $_SERVER[$g]; } if (isset($_ENV[$g])) { return $_ENV[$g]; } } // Try superglobal access (PHP 3.0.0+) if (isset($GLOBALS[$g])) { return $GLOBALS[$g]; } // Try global variable access (PHP 3+) global $$g; if (!empty($$g)) { return $$g; } // Assume global variable empty/not set return ''; } ?> <?php function DownloadFile($filename) { // Check filename if (empty($filename) || !file_exists($filename)) { return FALSE; } // Create download file name to be displayed to user $saveasname = basename($filename); // Send binary filetype HTTP header header('Content-Type: application/octet-stream'); // Send content-length HTTP header header('Content-Length: '.filesize($filename)); // Send content-disposition with save file name HTTP header // (using workaround for MSIE 5.5 SP1 / MSIE 6.01 bugs/problems) $browser = getGlobalVar('HTTP_USER_AGENT'); if (strstr('MSIE 5.5', $browser) || strstr('MSIE 6.01', $browser)) { header('Content-Disposition: filename="'.$saveasname.'"'); } else { header('Content-Disposition: attachment; filename="'.$saveasname.'"'); } // Send Content-Transfer-Encoding HTTP header // (use binary to prevent files from being encoded/messed up during transfer) header('Content-Transfer-Encoding: binary'); // Output file readfile($filename); // Done return TRUE; } function getGlobalVar($g, $formflag = 0) // Get global PHP variable value // Returns: global variable value or empty string if not available // Parameters: // $g : Global PHP variable name // $formflag : Flag - global var from GET/POST input { if (empty($g)) { return 0; } // Try superglobal access (PHP 4.1.0+) if ($formflag) { if (isset($_GET[$g])) { return $_GET[$g]; } if (isset($_POST[$g])) { return $_POST[$g]; } if (isset($_REQUEST[$g])) { return $_REQUEST[$g]; } } else { if (isset($_SERVER[$g])) { return $_SERVER[$g]; } if (isset($_ENV[$g])) { return $_ENV[$g]; } } // Try superglobal access (PHP 3.0.0+) if (isset($GLOBALS[$g])) { return $GLOBALS[$g]; } // Try global variable access (PHP 3+) global $$g; if (!empty($$g)) { return $$g; } // Assume global variable empty/not set return ''; } ?> |