PHP Downloading a file from a different password protected server

Question

I am building an application that will allow users to download some pdf files, but these files are stored on a different server which is password protected, the password is known. What is the best way to pass these files on to the user.

MyAppIP/applicationfiles.php
FilesIP/PDF-Files/file1.pdf <-- this is password protected, but I know the pass.

I was thinking on saving the files on my own server first since they have a maximum size of 100kb. Then passing them to the user and deleting the local file again, but I haven't completely figured out how to obtain the file from the other server in the first place.
So how do I obtain files from the different server in php?

http://mithunjj.com/download-remote-file-with-php-output-to-browser/ this works and I dont know why, and it seems like a major security flaw. — kpp, Jun 03 '14 at 08:14

score 3 · Accepted Answer · answered Jun 03 '14 at 08:21

3

You can use CURL for download file from protected server. CURL also support many authorization methods. http://www.php.net/manual/en/function.curl-setopt.php

$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, 'FilesIP/PDF-Files/file1.pdf');
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_USERPWD, "Login:Password");
curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);
$file = curl_exec($ch);
curl_close($ch);

file_put_contents('/var/www/file.pdf', $file);

// return download link to user
// <a href="file.pdf">Download</a>

answered Jun 03 '14 at 08:21

Ilya Manyahin

238
3
12

1

I accept this answer, but the problem just got a little more complicated, since I have to select a certain set of filenames from this remote directory. Without really knowing the exact name. I know they start with a four digit number which is connected to an ID in the database, and they end with .pdf, for instance 1234randomdateandname.pdf. I tried using glob($url.$id."*.pdf"), but glob wont look in remote directories. So I am currently looking into ftp functions of php. I guess ill start another question once I can again if I havent figured out by then. – kpp Jun 03 '14 at 08:42

score 0 · Answer 2 · answered Jun 03 '14 at 08:19

If the auth is basic http and you have installed curl, you can use this:

$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_USERPWD, "$username:$password");
curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);
$output = curl_exec($ch);
curl_close($ch);

PHP Downloading a file from a different password protected server

2 Answers2

Linked