473,249 Members | 1,830 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 473,249 software developers and data experts.

File download module works for .ZIP/.TXT but .EXE are always corrupted...

I wrote a file download module for my website. The reason for the file
download module is that my website downloads work on a credit based system.
So I need to keep track of and limit daily downloads.

It uses fpassthru() and some headers() to send a file to the requesting
user. The get.php file that I wrote (the file download module if you will)
works like a charm for .ZIP files and .TXT files. However, when .EXE files
are downloaded they are always corrupt. The problem exists in both MSIE and
Mozilla.

Someone suggested that I have too much code in my get.php file. I thought
this was strange but I tested it nonetheless. It turns out when I had my
get.php file with just the minimal code it worked fine for all file types:
..zip, .txt, .exe.

So I have two options:
1) Use a very very simple get.php with just the necessary header() and
fpassthru() code. This means I need another "buddy file" that will perform
the credit checking, accessing the database etc. If I use this method I
need a way to secure the get.php so that not just not anyone can call the
get.php, but they have to go through the credit checking. This seems that
it would again end up making the get.php file bloated.

2) Maybe something is wrong with my "bloated" get.php and that is why
..EXE are being corrupted. It seems strange that .ZIP and .TXT would work
fine but .EXE are not. This would definitely be the easier of the two
options I believe, if it possible.

I have had people tell me that:

"You can't have excess code in a file download module"

"It doesnt matter how many code is in the file download module"

So who is correct I ask, and how can I remedy my problem?

Thanks,
Brandon
//THE MINIMAL GET.PHP THAT WORKS LIKE A CHARM FOR ALL FILETYPES:
<?
if (strlen($HTTP_GET_VARS[sub]) > 0)
$path = "../Archive/" . $HTTP_GET_VARS[cat] . "/" . $HTTP_GET_VARS[sub] .
"/" . $HTTP_GET_VARS[file];
else
$path = "../Archive/" . $HTTP_GET_VARS[cat] . "/" . $HTTP_GET_VARS[file];

header("Pragma: ");
header("Cache-Control: ");
header("Content-type: application/octet-stream");
header("Content-Disposition: filename=\"$HTTP_GET_VARS[file]\"");
header("Content-Length: " . filesize($path));
header ("Connection: close");
//header("Content-Transfer-Encoding: binary\n");
$fp=fopen($path,"rb");
fpassthru($fp);
?>


//THE FILE "BLOATED" GET.PHP:

<?

if (strlen($HTTP_GET_VARS[sub]) > 0)
$path = "../Archive/" . $HTTP_GET_VARS[cat] . "/" . $HTTP_GET_VARS[sub] .
"/" . $HTTP_GET_VARS[file];
else
$path = "../Archive/" . $HTTP_GET_VARS[cat] . "/" . $HTTP_GET_VARS[file];

header("Pragma: ");
header("Cache-Control: ");
header("Content-type: application/octet-stream");
header("Content-Disposition: filename=\"$HTTP_GET_VARS[file]\"");
header("Content-Length: " . filesize($path));
header ("Connection: close");
//header("Content-Transfer-Encoding: binary\n");

require("config.php");

$result = mysql_query("SELECT credit FROM $db_users WHERE username =
'$HTTP_COOKIE_VARS[username]' AND password = '$HTTP_COOKIE_VARS[password]'",
$db);
$myrow = mysql_fetch_assoc($result);
$credit = $myrow[credit];

if ($credit > 0) {
$credit--;
$result = mysql_query("UPDATE $db_users SET credit = '$credit' WHERE
username = '$HTTP_COOKIE_VARS[username]'", $db);

$result = mysql_query("SELECT downloads FROM $db_files WHERE file_name =
'$HTTP_GET_VARS[file]' AND cat = '$HTTP_GET_VARS[cat]'", $db);
$myrow = mysql_fetch_assoc($result);
$downloads = $myrow[downloads];
$downloads++;
$result = mysql_query("UPDATE $db_files SET downloads = '$downloads' WHERE
file_name = '$HTTP_GET_VARS[file]' AND cat = '$HTTP_GET_VARS[cat]'", $db);

//readfile(FilePath($HTTP_GET_VARS[cat], $HTTP_GET_VARS[sub],
$HTTP_GET_VARS[file]));
$fp=fopen($path,"rb");
fpassthru($fp);
}else {
echo "Sorry, you do not have access or enough credit for this download.";
}
?>
Jul 17 '05 #1
5 6055
A few guesses. you require config.php in the bloated version - make sure
there is no whitespace before the <?php or after the ?> in config.php (e.g.
spaces, newlines etc, as these will be sent as a part of the file, which you
definitely do not want.) Two: your "Sorry, you do not have access or enough
credit for this download" will likely never show up in the browser, but will
rather be offered as binary data... not at all desirable (you have already
sent the headers at this point...)

Brandon Walters wrote:
I wrote a file download module for my website. The reason for the
file download module is that my website downloads work on a credit
based system. So I need to keep track of and limit daily downloads.

It uses fpassthru() and some headers() to send a file to the
requesting user. The get.php file that I wrote (the file download
module if you will) works like a charm for .ZIP files and .TXT files.
However, when .EXE files are downloaded they are always corrupt. The
problem exists in both MSIE and Mozilla.

Someone suggested that I have too much code in my get.php file. I
thought this was strange but I tested it nonetheless. It turns out
when I had my get.php file with just the minimal code it worked fine
for all file types: .zip, .txt, .exe.

So I have two options:
1) Use a very very simple get.php with just the necessary
header() and fpassthru() code. This means I need another "buddy
file" that will perform the credit checking, accessing the database
etc. If I use this method I need a way to secure the get.php so that
not just not anyone can call the get.php, but they have to go through
the credit checking. This seems that it would again end up making
the get.php file bloated.

2) Maybe something is wrong with my "bloated" get.php and that is
why .EXE are being corrupted. It seems strange that .ZIP and .TXT
would work fine but .EXE are not. This would definitely be the
easier of the two options I believe, if it possible.

I have had people tell me that:

"You can't have excess code in a file download module"

"It doesnt matter how many code is in the file download module"

So who is correct I ask, and how can I remedy my problem?

Thanks,
Brandon
//THE MINIMAL GET.PHP THAT WORKS LIKE A CHARM FOR ALL FILETYPES:
<?
if (strlen($HTTP_GET_VARS[sub]) > 0)
$path = "../Archive/" . $HTTP_GET_VARS[cat] . "/" .
$HTTP_GET_VARS[sub] . "/" . $HTTP_GET_VARS[file];
else
$path = "../Archive/" . $HTTP_GET_VARS[cat] . "/" .
$HTTP_GET_VARS[file];

header("Pragma: ");
header("Cache-Control: ");
header("Content-type: application/octet-stream");
header("Content-Disposition: filename=\"$HTTP_GET_VARS[file]\"");
header("Content-Length: " . filesize($path));
header ("Connection: close");
//header("Content-Transfer-Encoding: binary\n");
$fp=fopen($path,"rb");
fpassthru($fp);



//THE FILE "BLOATED" GET.PHP:

<?

if (strlen($HTTP_GET_VARS[sub]) > 0)
$path = "../Archive/" . $HTTP_GET_VARS[cat] . "/" .
$HTTP_GET_VARS[sub] . "/" . $HTTP_GET_VARS[file];
else
$path = "../Archive/" . $HTTP_GET_VARS[cat] . "/" .
$HTTP_GET_VARS[file];

header("Pragma: ");
header("Cache-Control: ");
header("Content-type: application/octet-stream");
header("Content-Disposition: filename=\"$HTTP_GET_VARS[file]\"");
header("Content-Length: " . filesize($path));
header ("Connection: close");
//header("Content-Transfer-Encoding: binary\n");

require("config.php");

$result = mysql_query("SELECT credit FROM $db_users WHERE username =
'$HTTP_COOKIE_VARS[username]' AND password =
'$HTTP_COOKIE_VARS[password]'", $db);
$myrow = mysql_fetch_assoc($result);
$credit = $myrow[credit];

if ($credit > 0) {
$credit--;
$result = mysql_query("UPDATE $db_users SET credit = '$credit' WHERE
username = '$HTTP_COOKIE_VARS[username]'", $db);

$result = mysql_query("SELECT downloads FROM $db_files WHERE
file_name = '$HTTP_GET_VARS[file]' AND cat = '$HTTP_GET_VARS[cat]'",
$db); $myrow = mysql_fetch_assoc($result);
$downloads = $myrow[downloads];
$downloads++;
$result = mysql_query("UPDATE $db_files SET downloads =
'$downloads' WHERE file_name = '$HTTP_GET_VARS[file]' AND cat =
'$HTTP_GET_VARS[cat]'", $db);

//readfile(FilePath($HTTP_GET_VARS[cat], $HTTP_GET_VARS[sub],
$HTTP_GET_VARS[file]));
$fp=fopen($path,"rb");
fpassthru($fp);
}else {
echo "Sorry, you do not have access or enough credit for this
download."; }

Jul 17 '05 #2
Brandon Walters wrote:

I wrote a file download module for my website. The reason for the file
download module is that my website downloads work on a credit based system.
So I need to keep track of and limit daily downloads.

It uses fpassthru() and some headers() to send a file to the requesting
user. The get.php file that I wrote (the file download module if you will)
works like a charm for .ZIP files and .TXT files. However, when .EXE files
are downloaded they are always corrupt. The problem exists in both MSIE and
Mozilla.

Someone suggested that I have too much code in my get.php file. I thought
this was strange but I tested it nonetheless. It turns out when I had my
get.php file with just the minimal code it worked fine for all file types:
.zip, .txt, .exe.

So I have two options:
1) Use a very very simple get.php with just the necessary header() and
fpassthru() code. This means I need another "buddy file" that will perform
the credit checking, accessing the database etc. If I use this method I
need a way to secure the get.php so that not just not anyone can call the
get.php, but they have to go through the credit checking. This seems that
it would again end up making the get.php file bloated.

2) Maybe something is wrong with my "bloated" get.php and that is why
.EXE are being corrupted. It seems strange that .ZIP and .TXT would work
fine but .EXE are not. This would definitely be the easier of the two
options I believe, if it possible.

I have had people tell me that:

"You can't have excess code in a file download module"

"It doesnt matter how many code is in the file download module"

So who is correct I ask, and how can I remedy my problem?

Thanks,
Brandon

//THE MINIMAL GET.PHP THAT WORKS LIKE A CHARM FOR ALL FILETYPES:
<?
if (strlen($HTTP_GET_VARS[sub]) > 0)
$path = "../Archive/" . $HTTP_GET_VARS[cat] . "/" . $HTTP_GET_VARS[sub] .
"/" . $HTTP_GET_VARS[file];
else
$path = "../Archive/" . $HTTP_GET_VARS[cat] . "/" . $HTTP_GET_VARS[file];

header("Pragma: ");
header("Cache-Control: ");
header("Content-type: application/octet-stream");
header("Content-Disposition: filename=\"$HTTP_GET_VARS[file]\"");
header("Content-Length: " . filesize($path));
header ("Connection: close");
//header("Content-Transfer-Encoding: binary\n");
$fp=fopen($path,"rb");
fpassthru($fp);
?>

//THE FILE "BLOATED" GET.PHP:

<?

if (strlen($HTTP_GET_VARS[sub]) > 0)
$path = "../Archive/" . $HTTP_GET_VARS[cat] . "/" . $HTTP_GET_VARS[sub] .
"/" . $HTTP_GET_VARS[file];
else
$path = "../Archive/" . $HTTP_GET_VARS[cat] . "/" . $HTTP_GET_VARS[file];

header("Pragma: ");
header("Cache-Control: ");
header("Content-type: application/octet-stream");
header("Content-Disposition: filename=\"$HTTP_GET_VARS[file]\"");
header("Content-Length: " . filesize($path));
header ("Connection: close");
//header("Content-Transfer-Encoding: binary\n");

require("config.php");

$result = mysql_query("SELECT credit FROM $db_users WHERE username =
'$HTTP_COOKIE_VARS[username]' AND password = '$HTTP_COOKIE_VARS[password]'",
$db);
$myrow = mysql_fetch_assoc($result);
$credit = $myrow[credit];

if ($credit > 0) {
$credit--;
$result = mysql_query("UPDATE $db_users SET credit = '$credit' WHERE
username = '$HTTP_COOKIE_VARS[username]'", $db);

$result = mysql_query("SELECT downloads FROM $db_files WHERE file_name =
'$HTTP_GET_VARS[file]' AND cat = '$HTTP_GET_VARS[cat]'", $db);
$myrow = mysql_fetch_assoc($result);
$downloads = $myrow[downloads];
$downloads++;
$result = mysql_query("UPDATE $db_files SET downloads = '$downloads' WHERE
file_name = '$HTTP_GET_VARS[file]' AND cat = '$HTTP_GET_VARS[cat]'", $db);

//readfile(FilePath($HTTP_GET_VARS[cat], $HTTP_GET_VARS[sub],
$HTTP_GET_VARS[file]));
$fp=fopen($path,"rb");
fpassthru($fp);
}else {
echo "Sorry, you do not have access or enough credit for this download.";
}
?>


You have a newline between the start of the bloated file and "<?". Does that
exist in the real file or was that just sloppy copying/pasting? If the former,
get rid of it.

I'd suggest commenting out the headers and setting error_reporting(E_ALL). That
may show you what error you're getting and help you solve it. Also, check to
make sure config.php isn't outputting any text or whitespace.

I think the minimal code thing is a red herring. My guess is there is text
being sent somewhere. You could also put ob_start(); at the very top of your
file, put the require("config.php") before the headers, and put ob_end_clean();
immediately before the headers, but after the require statement. The beginning
of your file should look like this:

----------------------- File starts here ------------------------
<?PHP
ob_start();
//etc...

not like this:

----------------------- File starts here ------------------------

<?PHP
ob_start();
//etc...
Regards,
Shawn
--
Shawn Wilson
sh***@glassgiant.com
http://www.glassgiant.com
Jul 17 '05 #3
Ahhh, I had checked the get.php for whitespace but not the config.php.
There was whitespace in the config.php and now problem solved!!!

I am sincerely appreciative!! If you ever are in the Columbus, Ohio area
and need a favor, well let me know. I owe you one!!!

Thanks,
Brandon

"Agelmar" <if**********@comcast.net> wrote in message
news:bt************@ID-30799.news.uni-berlin.de...
A few guesses. you require config.php in the bloated version - make sure
there is no whitespace before the <?php or after the ?> in config.php (e.g. spaces, newlines etc, as these will be sent as a part of the file, which you definitely do not want.) Two: your "Sorry, you do not have access or enough credit for this download" will likely never show up in the browser, but will rather be offered as binary data... not at all desirable (you have already
sent the headers at this point...)

Jul 17 '05 #4
Ahhh, I had checked the get.php for whitespace but not the config.php.
There was whitespace in the config.php and now problem solved!!!

I am sincerely appreciative!! If you ever are in the Columbus, Ohio area
and need a favor, well let me know. I owe you one!!!

Thanks,
Brandon

"Agelmar" <if**********@comcast.net> wrote in message
news:bt************@ID-30799.news.uni-berlin.de...
A few guesses. you require config.php in the bloated version - make sure
there is no whitespace before the <?php or after the ?> in config.php (e.g. spaces, newlines etc, as these will be sent as a part of the file, which you definitely do not want.) Two: your "Sorry, you do not have access or enough credit for this download" will likely never show up in the browser, but will rather be offered as binary data... not at all desirable (you have already
sent the headers at this point...)


Jul 17 '05 #5
I see others have already solved your problem, I would just like to add
this:

at the end of your script, before the close ?> tag add:

exit();
?>

This keeps any spaces, new lines after the ?> from ever bing sent, trust me
a blank line after the end tag is sometimes hard to troubleshoot, just
becouse it is overlooked.

--
Mike Bradley
http://www.gzentools.com -- free online php tools
"Brandon Walters" <wa*********@osu.edu> wrote in message
news:bt**********@news.cis.ohio-state.edu...
I wrote a file download module for my website. The reason for the file
download module is that my website downloads work on a credit based system. So I need to keep track of and limit daily downloads.

It uses fpassthru() and some headers() to send a file to the requesting
user. The get.php file that I wrote (the file download module if you will) works like a charm for .ZIP files and .TXT files. However, when .EXE files are downloaded they are always corrupt. The problem exists in both MSIE and Mozilla.

Someone suggested that I have too much code in my get.php file. I thought
this was strange but I tested it nonetheless. It turns out when I had my
get.php file with just the minimal code it worked fine for all file types:
.zip, .txt, .exe.

So I have two options:
1) Use a very very simple get.php with just the necessary header() and
fpassthru() code. This means I need another "buddy file" that will perform the credit checking, accessing the database etc. If I use this method I
need a way to secure the get.php so that not just not anyone can call the
get.php, but they have to go through the credit checking. This seems that
it would again end up making the get.php file bloated.

2) Maybe something is wrong with my "bloated" get.php and that is why
.EXE are being corrupted. It seems strange that .ZIP and .TXT would work
fine but .EXE are not. This would definitely be the easier of the two
options I believe, if it possible.

I have had people tell me that:

"You can't have excess code in a file download module"

"It doesnt matter how many code is in the file download module"

So who is correct I ask, and how can I remedy my problem?

Thanks,
Brandon
//THE MINIMAL GET.PHP THAT WORKS LIKE A CHARM FOR ALL FILETYPES:
<?
if (strlen($HTTP_GET_VARS[sub]) > 0)
$path = "../Archive/" . $HTTP_GET_VARS[cat] . "/" . $HTTP_GET_VARS[sub] .. "/" . $HTTP_GET_VARS[file];
else
$path = "../Archive/" . $HTTP_GET_VARS[cat] . "/" . $HTTP_GET_VARS[file];
header("Pragma: ");
header("Cache-Control: ");
header("Content-type: application/octet-stream");
header("Content-Disposition: filename=\"$HTTP_GET_VARS[file]\"");
header("Content-Length: " . filesize($path));
header ("Connection: close");
//header("Content-Transfer-Encoding: binary\n");
$fp=fopen($path,"rb");
fpassthru($fp);
?>


//THE FILE "BLOATED" GET.PHP:

<?

if (strlen($HTTP_GET_VARS[sub]) > 0)
$path = "../Archive/" . $HTTP_GET_VARS[cat] . "/" . $HTTP_GET_VARS[sub] .. "/" . $HTTP_GET_VARS[file];
else
$path = "../Archive/" . $HTTP_GET_VARS[cat] . "/" . $HTTP_GET_VARS[file];
header("Pragma: ");
header("Cache-Control: ");
header("Content-type: application/octet-stream");
header("Content-Disposition: filename=\"$HTTP_GET_VARS[file]\"");
header("Content-Length: " . filesize($path));
header ("Connection: close");
//header("Content-Transfer-Encoding: binary\n");

require("config.php");

$result = mysql_query("SELECT credit FROM $db_users WHERE username =
'$HTTP_COOKIE_VARS[username]' AND password = '$HTTP_COOKIE_VARS[password]'", $db);
$myrow = mysql_fetch_assoc($result);
$credit = $myrow[credit];

if ($credit > 0) {
$credit--;
$result = mysql_query("UPDATE $db_users SET credit = '$credit' WHERE
username = '$HTTP_COOKIE_VARS[username]'", $db);

$result = mysql_query("SELECT downloads FROM $db_files WHERE file_name =
'$HTTP_GET_VARS[file]' AND cat = '$HTTP_GET_VARS[cat]'", $db);
$myrow = mysql_fetch_assoc($result);
$downloads = $myrow[downloads];
$downloads++;
$result = mysql_query("UPDATE $db_files SET downloads = '$downloads' WHERE file_name = '$HTTP_GET_VARS[file]' AND cat = '$HTTP_GET_VARS[cat]'", $db);

//readfile(FilePath($HTTP_GET_VARS[cat], $HTTP_GET_VARS[sub],
$HTTP_GET_VARS[file]));
$fp=fopen($path,"rb");
fpassthru($fp);
}else {
echo "Sorry, you do not have access or enough credit for this download."; }
?>

Jul 17 '05 #6

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

18
by: Tad Marko | last post by:
Howdy! I'm trying to get my head around Python and I've come to realize that there are a lot of idioms in Python that are a bit different than in other languages. I have a class similar to what...
8
by: Radioactive Man | last post by:
I am fairly new to the latest verion of Python and using it on windows 95, 2000, and/or XP. What libraries, modules, functions, etc. would I need to set up a Python script to download a file, say...
2
by: RickL | last post by:
I have an ASP application that uploads a specified file to the server. To retrieve the file, I simply assign the filepath and file to a hyperlink on the page. When you click "Save Target As" for...
2
by: Byron | last post by:
I am uploading a JPG file using FTP to a remote server and often the file is corrupted at the server end. The file size is the same, but the image often has a block of garbage embedded, or the...
13
by: Bob Darlington | last post by:
I have a repair and backup database routine which runs when a user closes down my application. It works fine in my development machine, but breaks on a client's at the following line: If...
1
by: Atara | last post by:
My application starts with: Module mmcMain Public Sub Main() Debug.WriteLine("Main begin") Dim splashForm As New mcDlgs.cmcDlgSplash2 splashForm.Show() ....
1
by: laredotornado | last post by:
Hi, I'm using PHP 4.4.4 on Apache 2 on Fedora Core 5. PHP was installed using Apache's apxs and the php library was installed to /usr/local/php. However, when I set my "error_reporting"...
15
by: patf | last post by:
Hi - experienced programmer but this is my first Python program. This URL will retrieve an excel spreadsheet containing (that day's) msci stock index returns. ...
1
KevinADC
by: KevinADC | last post by:
Note: You may skip to the end of the article if all you want is the perl code. Introduction Many websites have a form or a link you can use to download a file. You click a form button or click...
2
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 7 Feb 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:30 (7.30PM). In this month's session, the creator of the excellent VBE...
0
by: stefan129 | last post by:
Hey forum members, I'm exploring options for SSL certificates for multiple domains. Has anyone had experience with multi-domain SSL certificates? Any recommendations on reliable providers or specific...
0
Git
by: egorbl4 | last post by:
Скачал я git, хотел начать настройку, а там вылезло вот это Что это? Что мне с этим делать? ...
0
by: MeoLessi9 | last post by:
I have VirtualBox installed on Windows 11 and now I would like to install Kali on a virtual machine. However, on the official website, I see two options: "Installer images" and "Virtual machines"....
0
by: DolphinDB | last post by:
The formulas of 101 quantitative trading alphas used by WorldQuant were presented in the paper 101 Formulaic Alphas. However, some formulas are complex, leading to challenges in calculation. Take...
0
by: DolphinDB | last post by:
Tired of spending countless mintues downsampling your data? Look no further! In this article, you’ll learn how to efficiently downsample 6.48 billion high-frequency records to 61 million...
0
by: Aftab Ahmad | last post by:
Hello Experts! I have written a code in MS Access for a cmd called "WhatsApp Message" to open WhatsApp using that very code but the problem is that it gives a popup message everytime I clicked on...
0
by: ryjfgjl | last post by:
ExcelToDatabase: batch import excel into database automatically...
0
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 6 Mar 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM). In this month's session, we are pleased to welcome back...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.