2

I'm creating a ZIP file with several scripts in it (for example: test.php, functions.js and style.css).

The scripts works just fine, the only problem is that the ZIP file gets placed on my webserver. Is there a way to prevent this? I've read multiple similar questions: this one seems to work, but I can't figure it out how to use that.

So, I wan't to delete the file after it has been placed (even if user aborts it) or (even better) that my scripts never puts the file on the webserver.

download.php

$scriptId = checkNumeric($_GET['sid']);

//Check if user has access to the script
if(isLoggedIn() && hasScriptAccess($scriptId))  {

    //Create ZIP
    $zip = new ZipArchive();
    $zipName = "script.zip";

    if ($zip->open($zipName, ZIPARCHIVE::CREATE)!== TRUE) {
        exit(); //Something went wrong while creating the ZIP
    }

    //Get associated codes
    $query = $mysqli->query("SELECT * FROM code WHERE script_id = '{$scriptId}'");
    while($code = $query->fetch_assoc()) {
        $filename = $code['title'];
        $content = $code['code'];

        //Add file to ZIP
        $zip->addFromString($filename, $content);
    }

    $zip->close();

    //Set headers
    header("Pragma: public");
    header("Expires: 0");
    header("Cache-Control: must-revalidate, post-check=0, pre-check=0");
    header("Cache-Control: public");
    header("Content-Description: File Transfer");
    header("Content-type: application/octet-stream");
    header("Content-Disposition: attachment; filename='" . $zipName . "'");
    header("Content-Transfer-Encoding: binary");
    header("Content-Length: " . filesize($zipName));

    clearstatcache(); //Make sure the file size isn't cached
    readfile($zipName); //Output the file
    $zip->deleteName($zipName);
}
Community
  • 1
  • 1
JasonK
  • 5,214
  • 9
  • 33
  • 61
  • 1
    Is it possible for you to schedule a cron job on your server that purges the directory your are storing the files on a set interval? – Crackertastic Sep 03 '14 at 14:34
  • Do you mean a cron job that will delete the stored files after a certain amount of time? I think that's possible, but that is not the best solution right? – JasonK Sep 03 '14 at 15:19
  • Yes that is what I mean. The cron could run a script to clear that directory as whatever time interval you specify. I understand you don't want to keep the files on the server, but they will have to exist for a short period of time if you are offering a download. I ran into a similar situation in the past where I needed to remove zip files after a period of time, but could not set cron jobs. I ended up having to program the functionality to occasionally run as part of the normal site traffic. – Crackertastic Sep 03 '14 at 16:29

1 Answers1

0

From my understanding the zip file must be saved, it can not be stored in memory. $zip->close(); is what actually triggers the file creation. I am sure someone smarter than I will figure out how to write it to memory but for now there is a simple work around.

I just did something similar. The trick is to use:

// Keep script running even if user aborts
ignore_user_abort(true);

Add this as the first line of your script. What this does is allow your download script to run even if the user aborts the download. That will ensure your delete command gets called.

I am not sure if you are saying if the file is or is not deleting properly even if the user is not aborting. But if your current delete command is not working as expected you could use a simple:

unlink( $zipName);

Hope this helps.

David Rodriguez
  • 133
  • 1
  • 6