URL to file in non web accessible directory (Readfile()? Fopen()?…)

PHP
1

so files are uploaded to a non web accessible directory on my server, but i want to provide a URL or some for of download access to these files. Below is my attempt, but it isn’t working.

$destination = $_SERVER["DOCUMENT_ROOT"] . "/../Uploads/" . $random;
mkdir($destination);
move_uploaded_file($temp, $destination."/".$name);

// OLD LINE $final = $server."/".$destination."/".$name;

$yourfile = readfile('var/www/vhosts/site.com/'.$destination.'/'.$name');

and i then echo our $yourfile:

<?php echo $yourfile; ?>

elsewhere.

I either get a failed to open stream, or a huge long string. Or it just doesnt work.

Is there any solution to just download the file on request via URL?

I want to keep the directory non web accessible.

2

Read the documentation/comments for [fphp]readfile[/fphp] over at the manual; take note of the Content-Type header too. :wink:

3

Hi Anthony, sorry to disappoint but after a day trying, im still unable to solve this one. Hand?

<?php

error_reporting(E_ALL);
ini_set('display_errors', 'On');

ob_start();

session_start();

$extensions = array("jpg", "png","jpeg", "gif", "zip", "rar", "swf", "tiff", "bmp", "txt", "fla", "7z", "tar", "gz", "iso", 

"dmg", "mp3", "wav", "m4a", "aac", "doc", "docx", "xls", "rtf", "ppt", "bsd", "exe", "psd", "c4d", "pdf", "dwg", "max", "ipa", 

"vtf", "iam", "ipt", "flv", "cap", "scr");
$maxsize = 104288000;
$server = "http://www.testandre.com";

$name = $_FILES['file']['name'];
$temp = $_FILES['file']['tmp_name'];
$size = $_FILES['file']['size'];

$random = md5(uniqid(rand(), true));
$random = substr($random, 0, 20);

if (!$name || !$temp || !$size)
{
   echo "Go back and select a file.";
   exit();
}

foreach ($_FILES as $file)
{
 if ($file['tmp_name'] != null) 
 {
	$thisext1=explode(".", strtolower($file['name']));
	$thisext=$thisext1[count($thisext1)-1];
  if (!in_array($thisext, $extensions))
  {
    echo "That file type is not allowed.";
   exit(); 
  }
 }
}

if ($size > $maxsize)
{
   echo "File size too big.";
   exit();
}

$destination = $_SERVER["DOCUMENT_ROOT"] . "/../Uploads/" . $random;
mkdir($destination);
move_uploaded_file($temp, $destination."/".$name);

$final = $server."/".$destination."/".$name;

$contents = file_get_contents("http://is.gd/create.php?format=simple&url=$final");

$yourfile = /var/www/vhosts/testandre.com/'.$destination.'/'.name;

?>

and elsewhere:


<input type="text" size="10" onClick=select() value="<?php readfile($yourfile); exit();?>" READONLY><p />
4

See http://www.felgall.com/php18.htm for a PHP file that you would use to access PDF files from a different folder. If the $path value there were set to the relative address to a location outside of the root folder then calling this PHP would result in displaying the PDF from that location.

For other file types you’d need a different set of headers but the rest of the process would be the same.