0

I moved the code from one server to another. On the website I am downloading for logged-in users. When I enter a file that checks if I'm logged in or not, it shows an error 500 (Internal Server Error). Below I give the code .htaccess and download.php

.htaccess:

Options -Indexes 

<files .htaccess> 
order allow,deny deny from all 
</files> 

<FilesMatch "\.(htaccess|htpasswd|ini|phps|fla|psd|log|sh|pdf|mp4)$"> 
Order Allow,Deny Deny from all 
</FilesMatch>

RewriteEngine on
RewriteRule ^(.*).pdf$ http://example.com [R=301,L]

Download.php:

<?php ob_start();?>
<?php session_start();?>

<?php
if (!isset($_SESSION['login_user'])) {
    header("location: http://example.com");
    exit;
}
if ($_SESSION['nazwau'] == "ALG2") {
        $file = './pdf/test.pdf';


header('Content-Description: File Transfer');
header('Content-Type: application/octet-stream');
header('Content-Disposition: attachment; filename=' .                                 basename($file));
header('Content-Transfer-Encoding: binary');
header('Expires: 0');
header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
header('Pragma: public');
header('Content-Length: ' . filesize($file));
ob_clean();
flush();
readfile($file);
exit;
} else {
    header("location: http://example.com/");
    exit;
}

?>
KAMMAR Soft
  • 1
  • 1
  • 2
    A 500 error is a generic error message and covers pretty much every single thing that can go wrong with a script. Check your server error logs to find out the exact error message. – aynber May 22 '19 at 17:43
  • Addendum to @aynber's comment, you can try setting debugging info in your script (may or may not work, depending on where the error is) - https://stackoverflow.com/questions/5438060/showing-all-errors-and-warnings?rq=1 – prieber May 22 '19 at 17:47
  • +1 for check out the php error log. Maybe the php interpreter lack some necessary extensions, or maybe you missed some code files after copying to the new server. – Steven May 22 '19 at 17:55
  • How is `download.php` called? Your `.htaccess` directive appears to simply redirect to the homepage when a `.pdf`file is requested? You are also missing some newlines in your `.htaccess` directives (maybe just an error in your post) - which would also result in 500 errors. Your first `` block is superfluous - this is handled by the second. – DocRoot May 22 '19 at 22:41
  • In fact, your `` section tries to block all `.pdf` files (if correctly formatted), so the following redirect would never happen anyway? – DocRoot May 22 '19 at 22:47

0 Answers0