Home/ Questions/Q 8960689
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-15T15:42:56+00:00

I have this download script which works perfectly, but one the file is downloaded,

  • 0

I have this download script which works perfectly, but one the file is downloaded, I want the page to reload. But once the file is downloaded, the page just dies? It is supposed to be a secure download script so users can’t see the paths of files. It’s called by using a POST submission

<?php
session_start();

//Assign variables from session
$userid = $_SESSION["id"];
$email = $_SESSION['email'];
$password = $_SESSION['password'];

//Require database connection and functions
require('includes/config.php');
include('includes/functions.php');

//Check if user is logged in
if (!$userid || !$email || !$password)
{
    header("Location: index.php");
}       

// Usage: <a href="download.php?file=test.txt&category=test">Download</a> 
// Path to downloadable files (will not be revealed to users so they will never know your file's real address) 
$hiddenPath = "uploaded_notes/";

// VARIABLES 
if (!empty($_POST['file'])){
$file_id = $_POST['file'];
    $result = mysql_query("SELECT * FROM files WHERE id='$file_id'");
    $row = mysql_fetch_array($result);
$file = $row['location'];
$price = $row['price'];

    $result2 = mysql_query("SELECT coins FROM users WHERE id='$userid'");
    $row2 = mysql_fetch_array($result2);
$coins = $row2['coins'];

$new_coins = $coins-$price;
if ($new_coins >= 0)
{
    mysql_query("UPDATE users SET coins = $new_coins WHERE id='$id'");
}
else {
header("Location: dashboard.php");
die();
}

//Insert into purchases
$datetime = date("Y-m-d H:i:s");@
mysql_query("INSERT INTO purchases (userid, fileid, datetime) VALUES ('$userid', '$file_id', '$datetime')");

$file = str_replace('%20', ' ', $file); 
$category = (!empty($_GET['category'])) ? $_GET['category'] . '/' : ''; 
} else {
    header('Location: dashboard.php');
    die('Hacking attempt reported.');
}

$file_real = $hiddenPath . $category . $file; 
$ip = $_SERVER['REMOTE_ADDR'];

// If requested file exists 
if (file_exists($file_real)){ 
// Get extension of requested file 
$extension = strtolower(substr(strrchr($file, "."), 1)); 
// Determine correct MIME type 
switch($extension){ 
case "asf": $type = "video/x-ms-asf"; break; 
case "avi": $type = "video/x-msvideo"; break; 
case "exe": $type = "application/octet-stream"; break; 
case "mov": $type = "video/quicktime"; break; 
case "mp3": $type = "audio/mpeg"; break; 
case "mpg": $type = "video/mpeg"; break; 
case "mpeg": $type = "video/mpeg"; break; 
case "rar": $type = "encoding/x-compress"; break; 
case "txt": $type = "text/plain"; break; 
case "wav": $type = "audio/wav"; break; 
case "wma": $type = "audio/x-ms-wma"; break; 
case "wmv": $type = "video/x-ms-wmv"; break; 
case "zip": $type = "application/x-zip-compressed"; break; 
case "jpg": $type = "image/jpeg"; break; 
default: $type = "application/force-download"; break; 
} 
// Fix IE bug [0] 
$header_file = (strstr($_SERVER['HTTP_USER_AGENT'], 'MSIE')) ? preg_replace('/\./', '%2e', $file, substr_count($file, '.') - 1) : $file; 
// Prepare headers 
header("Pragma: public"); 
header("Expires: 0"); 
header("Cache-Control: must-revalidate, post-check=0, pre-check=0"); 
header("Cache-Control: public", false); 
header("Content-Description: File Transfer"); 
header("Content-Type: " . $type); 
header("Accept-Ranges: bytes"); 
header("Content-Disposition: attachment; filename=\"" . $header_file . "\";"); 
header("Content-Transfer-Encoding: binary"); 
header("Content-Length: " . filesize($file_real));



// Send file for download 
if ($stream = fopen($file_real, 'rb')){
while(!feof($stream) && connection_status() == 0){

//reset time limit for big files 
print(fread($stream,1024*8)); 
flush(); 

} 
fclose($stream); 
} 
}else{ 
// Requested file does not exist (File not found) 
echo("Requested file does not exist"); 
die(); 

} 
?>

The refresh code works if I put it right before

print(fread($stream,1024*8));

But after that it does not work…

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    Downloading a file is a one time thing. You won’t be able to redirect after the file is downloaded. You can try adding a refresh header before pumping out your contents, but some browsers will see that as a cancellation.

    See this post for more information: https://stackoverflow.com/questions/5960895/redirect-after-download-not-working-php

    You can read this post, this post, and this post for more information.

    Basically, what they all boil down to is the HTTP headers. A redirect header cannot be sent after you have echoed content. On the other hand, a redirect header before echoing content will just cancel the download.

    A different way you could do this would be to have a hidden iframe, and submit your request there, but I am guessing that isn’t what you are wanting.

    • 0