you code is *still* borked in pretty much the same way it
was to begin with ...
<?php
session_start();
if (isset($_SESSION['email'])) {
if (isset($_GET['file'])) {
$file = basename($_GET['file']);
$full = '/var/www/'.$file;
if (!is_readable($full)) {
$error = "Invalid filename.";
} else {
header('Content-type: application/pdf');
header('Content-Length: '.filesize($full));
header('Content-disposition: attachment; filename="'.$file.'"');
readfile($full);
exit;
}
}
if (isset($error)) {
echo "<p>there was an error: $error</p>";
}
echo '<p><a href="',$_SERVER['PHP_SELF'],'?file=testudio.pdf">download it!</a></p>';
exit;
} else {
echo '<p><a href="/login.php?redirect=',urlencode($_SERVER['PHP_SELF']),'">please login</a></p>';
}
Mário Gamito wrote:
> Hi,
>
>> Where did you get the $data variable?
>> as filesize($data) would return false here, and that's not a good
>> value for the Content-Length header :)
> Sorry, bad Copy & Paste.
>
> I get it from:
> $data = readfile($full);
>
> Result in the browser is:
>
> "%PDF-1.4 %âãÏÓ 351 0 obj <> endobj xref 351 434 0000000016 00000 n
> 0000010281 00000 n 0000010417 00000 n 0000010574 00000 n 0000010607
> 00000 n 0000012850 00000 n 0000012884 00000 n 0000013037 00000 n
> 0000013174 00000 n 0000013704 00000 n 0000014104 00000 n 0000014488
> 00000 n 0000014700 00000 n 0000014747 00000 n 0000014794 00000 n
> 0000014842 00000 n 0000014889 00000 n 0000014937 00000 n 0000014984
> 00000 n 0000015033 00000 n 0000015082 00000 n 0000015130 00000 n
> 0000015179 00000 n 0000015228 00000 n 0000015277 00000 n 0000015326 "
> (etc...)
>
> Full code after my signature.
>
> Any help would be appreciated.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
