Re: Protected File Download

Christophe Cholot Wed, 02 Jan 2008 07:47:00 -0800

Hello,

I would suggest you to store your uploaded files on your filesystem,
ex : /home/yourappname/uploads/


- Use app/config/core.php or bootstrap.php to write your file storage
path :

        Configure::write('Music.uploadPath',  '/home/yourappname/uploads/
music/'); or define('MUSIC_UPLOAD_PATH', 'yourpath');

- Then in your controller just add a download method :

        class MusicController extends AppController{

                function download($song){
                        if(!isset($song))
                                $this->redirect('/');
                        if($this->isAuthenticatedUser()){
                                $file = MUSIC_UPLOAD_PATH . $song;
                                $data = file_get_contents($file);
                                $size = filesize($file);
                                if(isset($_SERVER['HTTP_USER_AGENT']) &&
strpos($_SERVER['HTTP_USER_AGENT'], 'MSIE'))
                                        header('Content-Type: 
application/force-download');
                                else
                                        header('Content-Type: 
application/get-the-correct-mime-type');
                                header('Content-Length: '. $size);
                                header('Content-disposition: attachment; 
filename="' . $song ."');
                                echo $data;
                        }else{
                                $this->redirect($this->referer(), 403);
                        }
                } // download
        }

Now link to your files with :

$html->link(__('Download this file', true), '/music/download/your-
song');



Bart wrote:
> Hi!
> (i'm a newbe)
> I want my site-visitors to be able after login to download an (audio/
> image)file that is only for them.
> I have two options:
> uploading the files into the database  or  uploading the files onto
> the server in a folder with filedata in the DB.
>
> The first has the advantage of security but I have some problems with
> displaying the image after download (corrupted/characters are
> displayed instead of a pretty picture)
> The second has the advantage of transparancy/no corruption so far, but
> how do I secure files? Placing them in the webroot makes them publicly
> accessible.
>
> Which structure do you advice?
> Can you give me a direction/some keywords I should look into?
>
> Cheers,
> Bart

--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups "Cake 
PHP" group.
To post to this group, send email to cake-php@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/cake-php?hl=en
-~----------~----~----~----~------~----~------~--~---

Re: Protected File Download

Reply via email to