0

download.php:

<?php require_once('Connections/connection_psfriend.php'); ?>
<?php
$idreceived = addslashes($_REQUEST['sendid']);

$filepathquery = "SELECT bd_brushfilepath FROM tbl_brushdescription WHERE bd_brushid = $idreceived";
$Recordset = mysql_query($filepathquery,$connection_psfriend) or die(mysql_error());
$filepath = mysql_fetch_assoc($Recordset);
$receivedfilerequest = $filepath['bd_brushfilepath'];
$file_path = $_SERVER['DOCUMENT_ROOT'].'/'.'ps-friend'.'/' . $receivedfilerequest;

$updatedownlaodquery = "UPDATE tbl_brushdescription SET bd_brushdownloads = bd_brushdownloads + 1 WHERE bd_brushid = $idreceived";
$Recordset = mysql_query($updatedownlaodquery,$connection_psfriend) or die(mysql_error());
if(file_exists( $file_path)){

header('Content-Description: File Transfer');
header('Content-Type: application/octet-stream');
header('Content-Disposition: attachment; filename='.basename($file_path));
header('Content-Transfer-Encoding: binary');
header('Expires: 0');
header('Cache-Control: must-revalidate');
header('Pragma: public');
header('Content-Length: ' . filesize($file_path));
ob_clean();
flush();
readfile($file_path);
exit;

}

My problem:

The code works fine with google Chrome for all 143 entries made in the database. It works fine fine with Firefox too except for 5 out of those 143.

for firefox it shows:( for those 5 entries):enter image description here

In the database, I am using filepaths to store the files. All the files are either in zip format or rar format. Those files are not downloaded in rar/zip format. With google chrome, there is no problem at all. Is there something wrong with the script?

Navneet Saini
  • 934
  • 4
  • 16
  • 33
  • 5
    You are using [an **obsolete** database API](http://stackoverflow.com/q/12859942/19068) and should use a [modern replacement](http://php.net/manual/en/mysqlinfo.api.choosing.php). You are also **vulnerable to [SQL injection attacks](http://bobby-tables.com/)** that a modern API would make it easier to [defend](http://stackoverflow.com/questions/60174/best-way-to-prevent-sql-injection-in-php) yourself from. – Quentin Jun 07 '13 at 14:04
  • 2
    You shoukd set the correct mimetype, at the line `header('Content-Type: application/octet-stream');` you are setting, in fact, the mimetype appearing on that download dialog. – Jacopofar Jun 07 '13 at 14:05
  • 2
    Try explicitly setting the `Content-Type` to `application/zip` or `application/rar`. – marekful Jun 07 '13 at 14:05

2 Answers2

1

First of all, please stop using MYSQL_ function, see why-shouldnt-i-use-mysql-functions-in-php.

Secondly you are using $idreceived = addslashes($_REQUEST['sendid']); as a nice way to prevent SQL injection. Unfortunately you are calling the query like WHERE bd_brushid = $idreceived, so without quotes.

In other words, you are still vulnerable, as long as I dont use any quotes. Consider me sending sendid=1 OR 1=1. All your rows would be updated in the second query.

Change it to WHERE bd_brushid = '$idreceived', or even better: check how-to-prevent-sql-injection-in-php

Now to your problem. I think you should change one line to the following to include quotes

header('Content-Disposition: attachment; filename="'.basename($file_path).'"');

If it still does not work, send the right content type in the header.

<?php

$finfo = finfo_open(FILEINFO_MIME_TYPE);
$type = finfo_file($finfo, $file_path);

header('Content-Type: '.$type)
?>
Community
  • 1
  • 1
Hugo Delsing
  • 13,803
  • 5
  • 45
  • 72
1

The following has always worked for me 

$file=$_POST['file'];
header( "Content-Disposition: attachment; filename=$file" );
readfile("$_POST[file]");

without any of the content type headers.However my file extension is .zip.Your file does not seem to have an extension.

rjv
  • 6,058
  • 5
  • 27
  • 49