PHP readfile() and large files

Question

When using readfile() -- using PHP on Apache -- is the file immediately read into Apache's output buffer and the PHP script execution completed, or does the PHP script execution wait until the client finishes downloading the file (or the server times out, whichever happens first)?

The longer back-story:

I have a website with lots of large mp3 files (sermons for a local church). Not all files in the audio archive are allowed to be downloaded, so the /sermon/{filename}.mp3 path is rewritten to really execute /sermon.php?filename={filename} and if the file is allowed to be downloaded then the content type is set to "audio/mpeg" and the file streamed out using readfile(). I've been getting complaints (almost exclusively from iPhone users who are streaming the downloads over 3G) that the files don't fully download, or that they cut off after about 10 or 15 minutes. When I switched from streaming out the file with a readfile() to simply redirecting to the file -- header("Location: $file_url"); -- all of the complaints went away (I even checked with a few users who could reliably reproduce the problem on demand previously).

This leads me to suspect that when using readfile() the PHP script engine is in use until the file is fully downloaded but I cannot find any references which confirm or deny this theory. I'll admit I'm more at home in the ASP.NET world and the dotNet equivalent of readfile() pushes the whole file to the IIS output buffer immediately so the ASP.NET execution pipeline can complete independently of the delivery of the file to the end client... is there an equivalent to this behavior with PHP+Apache?

Answer 1

You may still have PHP output buffering active while performing the readfile(). Check that with:

if (ob_get_level()) ob_end_clean();

or

while (ob_get_level()) ob_end_clean();

This way theonly remaining output Buffer should be apache's Output Buffer, see SendBufferSize for apache tweaks.

EDIT

You can also have a look at mod_xsendfile (an SO post on such usage, PHP + apache + x-sendfile), so that you simply tell the web server you have done the security check and that now he can deliver the file.

Answer 2

a few things you can do (I am not reporting all the headers that you need to send that are probably the same ones that you currently have in your script):

set_time_limit(0);  //as already mention
readfile($filename);
exit(0);

or

passthru('/bin/cat '.$filename);
exit(0);

or

//When you enable mod_xsendfile in Apache
header("X-Sendfile: $filename");

or

//mainly to use for remove files
$handle = fopen($filename, "rb");
echo stream_get_contents($handle);
fclose($handle);

or

$handle = fopen($filename, "rb");
while (!feof($handle)){
    //I would suggest to do some checking
    //to see if the user is still downloading or if they closed the connection
    echo fread($handle, 8192);
}
fclose($handle);

Answer 3

The script will be running until the user finishes downloading the file. The simplest, most efficient and surely working solution is to redirect the user:

header("Location: /real/path/to/file");
exit;

But this may reveal the location of the files. It's a good idea to password-protect the files that may not be downloaded by everyone anyway with an .htaccess file, but perhaps you use a database to detemine access and this is no option.

Another possible solution is setting the maximum execution time of PHP to 0, which disables the limit:

set_time_limit(0);

Your host may disallow this, though. Also PHP reads the file into the memory first, then goes through Apache's output buffer, and finally makes it to the network. Making users download the file directly is much more efficient, and does not have PHP's limitations like the maximum execution time.

Edit: The reason you get this complaint a lot from iPhone users is probably that they have a slower connection (e.g. 3G).

Answer 4

downloading files thru php isnt very efficient, using a redirect is the way to go. If you dont want to expose the location of the file, or the file isnt in a public location then look into internal redirects, here is a post that talks about it a bit, Can I tell Apache to do an internal redirect from PHP?

Answer 5

Try using stream_copy_to_stream() instead. I find is has fewer problems than readfile().

set_time_limit(0);
$stdout = fopen('php://output', 'w');
$bfname = basename($fname);

header("Content-type: application/octet-stream");
header("Content-Disposition: attachment; filename=\"$bfname\"");

$filein = fopen($fname, 'r');
stream_copy_to_stream($filein, $stdout);

fclose($filein);
fclose($stdout);

Answer 6

Under Apache, there is a nice elgant solution not involving php at all:

Just place an .htaccess config file into the folder containing the files to be offered for download with the following contents:

<Files *.*>
ForceType applicaton/octet-stream
</Files>

This tells the Apache to offer all files in this folder (and all its subfolders) for download, instead of directly displaying them in the browser.

Answer 7

See below url

http://php.net/manual/en/function.readfile.php

<?php
$file = 'monkey.gif';

if (file_exists($file)) {
    header('Content-Description: File Transfer');
    header('Content-Type: application/octet-stream');
    header('Content-Disposition: attachment; filename='.basename($file));
    header('Content-Transfer-Encoding: binary');
    header('Expires: 0');
    header('Cache-Control: must-revalidate');
    header('Pragma: public');
    header('Content-Length: ' . filesize($file));
    ob_clean();
    flush();
    readfile($file);
    exit;
}
?>