473,568 Members | 2,939 Online
Bytes | Software Development & Data Engineering Community
+ Post

Home Posts Topics Members FAQ

File download quirks

Hello,

I have a php script that allows users to download files they selected
earlier in the session.
I use the following code snippet to do this:

## set up headers
header("Content-type: application/x-gzip");
header("Content-disposition: filename: $filename");
header("Filenam e: $filename");
header("Content-length: ".filesize("pri vate/$filename"));

## now send the contents
@readfile("priv ate/$filename");
The problem is that the downloaded file gets named as this php code's
file name, and not the actual file name. I mean, if the php code is
in a file named process.php and the file the users download is
myfile.zip, the browser chooses to save the file as process.php.gz.

Any suggestions to fix this?
Jul 17 '05 #1
5 1935
php newbie wrote:
Hello,

I have a php script that allows users to download files they selected
earlier in the session.
I use the following code snippet to do this:

## set up headers
header("Content-type: application/x-gzip");
header("Content-disposition: filename: $filename"); Use this:
header('Content-Disposition:att achment;filenam e="$filename"') ;
header("Filenam e: $filename");
header("Content-length: ".filesize("pri vate/$filename"));

## now send the contents
@readfile("priv ate/$filename");

The problem is that the downloaded file gets named as this php code's
file name, and not the actual file name. I mean, if the php code is
in a file named process.php and the file the users download is
myfile.zip, the browser chooses to save the file as process.php.gz.

Any suggestions to fix this?


Afaik not. On php.net they say:

<quote>
Note: There is a bug in Microsoft Internet Explorer 4.01 that
prevents this from working. There is no workaround. There is also a
bug in Microsoft Internet Explorer 5.5 that interferes with this,
which can be resolved by upgrading to Service Pack 2 or later.
</quote>

--> http://de2.php.net/manual/en/function.header.php

Saludo
Paul.
Jul 17 '05 #2
Paul Wellner Bou wrote:
Use this:
header('Content-Disposition:att achment;filenam e="$filename"') ;


Well, I agree with your point: a disposition-type is required. I
think you've gotten your quotes muddled up though. No variable
expansion occurs in single-quoted strings.

If you follow RFC2183's advice, however, and keep to short
alphanumeric filenames, there's absolutely no need to quote the
filename value.

I think RFC2616's grammar here (sec. 19.5.1) is misleading, and not
in accordance with RFC1806's or RFC2183's definition of the Content-
Disposition header. In RFC2616, we're given:

| content-disposition = "Content-Disposition" ":"
| disposition-type *( ";" disposition-parm )
| disposition-type = "attachment " | disp-extension-token
| disposition-parm = filename-parm | disp-extension-parm
| filename-parm = "filename" "=" quoted-string
| disp-extension-token = token
| disp-extension-parm = token "=" ( token | quoted-string )

(You might have to read it in conjunction with section 2.2, if you
haven't already memorised every rule. ;-))

which may give the mistaken impression to those unfamiliar with ABNF
that the filename parameter value must consist of a quoted-string.
It doesn't. Verily, this grammar allows characters in the filename
value that are *not* allowed by RFCs 1806 or 2183! I think RFC2616
should've left the definition to the RFC it referenced.

RFC1806, referenced by RFC2616, states the value of the filename
parameter in a Content-Disposition header to be of type value. A
value is either a quoted-string or a token; a token is basically the
entire ASCII character set, save a few special characters
("tspecials" , to use their terminology), spaces and control
characters. Thus, values like name.extension can be left unquoted.

RFC2183 updates RFC1806, but values stay the same. RFC2183 contains
the additional proviso that a "short (length <= 78 characters)
parameter value containing only non-`tspecials' characters SHOULD be
represented as a single `token'", i.e, filenames like my example
above *shouldn't* be quoted.

--
Jock
Jul 17 '05 #3
John Dunlop wrote:
Paul Wellner Bou wrote:
Use this:
header('Content-Disposition:att achment;filenam e="$filename"') ;

Well, I agree with your point: a disposition-type is required. I
think you've gotten your quotes muddled up though. No variable
expansion occurs in single-quoted strings.


Of course... sorry.
Didn't thought enough... and applied the php.net example without
thinking in the variable ;-)
If you follow RFC2183's advice, however, and keep to short
alphanumeric filenames, there's absolutely no need to quote the
filename value.
Ok. I trusted the examples, here.
(You might have to read it in conjunction with section 2.2, if you
haven't already memorised every rule. ;-))
No, I didn't... ;)
[...] RFC2183 updates RFC1806, but values stay the same. RFC2183 contains
the additional proviso that a "short (length <= 78 characters)
parameter value containing only non-`tspecials' characters SHOULD be
represented as a single `token'", i.e, filenames like my example
above *shouldn't* be quoted.
Which example?
The "filename" used here?
| filename-parm = "filename" "=" quoted-string


The example of /php-newbie/ only contains a variable.

Saludo
Paul
Jul 17 '05 #4
Paul Wellner Bou wrote:
John Dunlop wrote: Which [filename] example?
name.extension
The "filename" used here?
| filename-parm = "filename" "=" quoted-string

"filename" is just the (case insensitive) string "filename". The
grammar, by using quoted-string, makes it look as though the filename
parameter value must be quoted. It does not have to be quoted.
The example of /php-newbie/ only contains a variable.


It's the contents of that variable which are important. It is
recommendable that filenames be short and contain only alphanumeric
characters. If they fit that description, they shouldn't be quoted.

My article was an observation on RFC2616's misleading grammar. I
didn't intended to address specific questions.

--
Jock
Jul 17 '05 #5
php newbie wrote:

I have a php script that allows users to download files they selected
earlier in the session.
I use the following code snippet to do this:

## set up headers
header("Content-type: application/x-gzip");
header("Content-disposition: filename: $filename");
header("Filenam e: $filename");
header("Content-length: ".filesize("pri vate/$filename"));

## now send the contents
@readfile("priv ate/$filename");

The problem is that the downloaded file gets named as this php code's
file name, and not the actual file name. I mean, if the php code is
in a file named process.php and the file the users download is
myfile.zip, the browser chooses to save the file as process.php.gz.

Any suggestions to fix this?


In addition to the helpful suggestions already mentioned, I'd like to add that
there's no guarantee that all browsers will pick up your file name. What you
could do is rename your PHP script to something like "download" (notice, no .php
extension). Make or change a .htaccess to force Apache to treat that file like
a PHP file.

In the PHP file, parse the $_SERVER['QUERY_STRING'] to get the file name, and if
it exists (make sure they can't traverse directories and all the usual security
stuff) do your thing.

So you'd call your file with something like:

http://yoursite.com/download/testfile.zip

http://www.devarticles.com/c/a/Apach...r-Page-URLs/1/

Regards,
Shawn

--
Shawn Wilson
sh***@glassgian t.com
http://www.glassgiant.com
Jul 17 '05 #6

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics
21
3287
Can't get Function to run from Include file
by: Peter Bassett | last post by:
I have a .shtml file, that displays photos, in which I wish to pass some functionality off to an Include file for reusability purposes. Unfortunately, it's not working. Here is a portion of the .shtml file: ====== <!--#include file="/tmb8/functions.inc"--> <script type="text/javascript"> var title = "Noosa, Australia - October /...
Javascript
35
5142
Determining whether IE6 renders in Quirks or Standard mode???
by: Dr.Tube | last post by:
Hi there, I have this web site (www.DrTube.com) which has the following DTD: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> which switches Mozilla to standards compliance mode as I can confirm myself. How can I check whether IE6 and Opera do so too? TIA Regards Xavier van Unen.
HTML / CSS
22
2543
Unrecognized file format prolem with valid html, please help!
by: Jeff Parker | last post by:
I have a web application that for the real estate industry. Here is one of the sites using said application. http://www.wellsre.com As you can see if you click this link here http://validator.w3.org/check?uri=http%3A%2F%2Fwww.wellsre.com This site validates just fine using the w3 validator
HTML / CSS
6
2761
How do I turn quirks mode on for XSL generated data in Mozilla?
by: Thomas | last post by:
In Mozilla: The problem we are trying to solve: We are using XSL/XML to generate tables with text in the rows. The spacing is wider then when those same exact tables are created in regular HTML. We figured out that this has to do with Mozilla rendering the HTML page in quirks mode, versus the XML/XSL page being rendered in strict mode. I...
HTML / CSS
1
5364
Howto detect that the file as been downloaded completely from serv
by: Roy | last post by:
Hi, I have a problem that I have been working with for a while. I need to be able from server side (asp.net) to detect that the file i'm streaming down to the client is saved completely/succsessfully on the client's computer before updating some metadata on the server (file downloaded date for instance) However, All examples i have tried,...
ASP.NET
16
3228
HELP! Trying to add Email Notification to Download File Code
by: matt | last post by:
I have used some free code for listing files for download, but I want to send an email to the administrator when the file has been downloaded. I have got some code in here that does it, but it will not print in the username or email amddress of the person doing the download - which I am collecting from a form on the previous page. I can get...
PHP
18
2313
Web sites that discuss IE gotchas?
by: Neil Cherry | last post by:
I'm in the process of redesigning my web page and started working more with CSS. I have, what I think is, a nice web layout (I'm no expert so I could be wrong). When I tested it with Konqueror and Firefox it works well (a few minor problems) but when I test it with IE 6.0 it doesn't display or it jumbles everything up. I've tried using various...
HTML / CSS
4
2413
Import txt file with vertical fields into access db
by: Roberto Mora | last post by:
I have not done programming in a very long time and what is worst, I never learned VB. Although my job does not require this knowledge, I cam across a problem that although it seemed simple it has become a nightmare. There is a log that gets generated in a regular basis and need to put most , but not all its contents in a DB (new or...
Visual Basic 4 / 5 / 6
1
47386
KevinADC
How to Make a File Download Script with Perl
by: KevinADC | last post by:
Note: You may skip to the end of the article if all you want is the perl code. Introduction Many websites have a form or a link you can use to download a file. You click a form button or click on a link and after a moment or two a file download dialog box pops-up in your web browser and prompts you for some instructions, such as “open” or...
Perl
0
7693
marktang
What is ONU?
by: marktang | last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However, people are often confused as to whether an ONU can Work As a Router. In this blog post, we’ll explore What is ONU, What Is Router, ONU & Router’s main...
General
1
7660
The easy way to turn off automatic updates for Windows 10/11
by: Hystou | last post by:
Overview: Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows Update option using the Control Panel or Settings app; it automatically checks for updates and installs any it finds, whether you like it or not. For...
Windows Server
0
6275
agi2029
AI Job Threat for Devs
by: agi2029 | last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing, and deployment—without human intervention. Imagine an AI that can take a project description, break it down, write the code, debug it, and then...
Career Advice
1
5498
isladogs
Access Europe - Using VBA to create a class based on a table - Wed 1 May
by: isladogs | last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM). In this session, we are pleased to welcome a new presenter, Adolph Dupré who will be discussing some powerful techniques for using class modules. He will explain when you may want to use classes...
Microsoft Access / VBA
0
5217
Couldn’t get equations in html when convert word .docx file to html file in C#.
by: conductexam | last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and then checking html paragraph one by one. At the time of converting from word file to html my equations which are in the word document file was convert...
C# / C Sharp
0
3651
Trying to create a lan-to-lan vpn between two differents networks
by: TSSRALBI | last post by:
Hello I'm a network technician in training and I need your help. I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs. The last exercise I practiced was to create a LAN-to-LAN VPN between two Pfsense firewalls, by using IPSEC protocols. I succeeded, with both firewalls in...
Networking - Hardware / Configuration
0
3631
Windows Forms - .Net 8.0
by: adsilva | last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?
Visual Basic .NET
1
2101
transfer the data from one system to another through ip address
by: 6302768590 | last post by:
Hai team i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated we have to send another system
C# / C Sharp
0
932
bsmnconsultancy
Comprehensive Guide to Website Development in Toronto: Expert Insights from BSMN Consultancy
by: bsmnconsultancy | last post by:
In today's digital era, a well-designed website is crucial for businesses looking to succeed. Whether you're a small business owner or a large corporation in Toronto, having a strong online presence can significantly impact your brand's success. BSMN Consultancy, a leader in Website Development in Toronto offers valuable insights into creating...
General

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes
How to Post and Respond on Bytes
How to Promote and Link on Bytes
How to increase your Ranking on Bytes
Become a Recognized Expert on Bytes
Feedback Welcomed! Contact Us