There's actually a function in (PHP 4 >= 4.3.0) that returns a file's MIME type.
Here it is: string mime_content_type ( string filename) "Marek Kilimajer" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] > Yes, sure, but you many times won't know the mime type and might be > forced to use application/octet-stream. > You can do > if(dirname(realpath($user_files_dir . $_GET['filename'])) == > $user_files_dir) > as a security check > > Daniel Silva wrote: > > >That is a very nice solution, the problem is, the files are stored on disk, > >not on the DB. I suppose it can be addapted to work with the disk, can't it? > > > >Cheers, > > > >Daniel > > > > > >"Marek Kilimajer" <[EMAIL PROTECTED]> wrote in message > >news:[EMAIL PROTECTED] > > > > > >>create a download php file: > >> > >><?php > >> > >>$res=mysql_query("select * from user_files where > >> > >> > >filename='$GET['file']'"); > > > > > >>if($res && mysql_num_rows($res)) { > >> $file=mysql_fetch_assoc($res); > >> if($_GET['downaload']) { > >> header('Content-Type: application/octet-stream'); > >> header('Content-disposition: attachment; > >>filename='.basename($file['filename'])); > >> } else { > >> header('Content-Type: '.$file['mimetype']); > >> header('Content-disposition: attachment; > >>filename='.basename($file['filename'])); > >> } > >> header('Content-Length: '.filesize($file['filename'])); > >> readfile($file['filename']); > >>} else { > >> echo 'no such file'; > >>} > >>?> > >> > >>Then create a link: > >><a href="file.php?filename=path/file">view</a> > >><a href="file.php?filename=path/file&download=1">download</a> > >> > >>This example assumes you have a table user_files, where you store > >>uploaded files with their mime types, this is a security check > >> > >>Daniel Silva wrote: > >> > >> > >> > >>>Hello, > >>> > >>>I'm currently working on a multi-user filemanager, on which each user has > >>>its space on the server and can do all the basic file operations we've > >>> > >>> > >all > > > > > >>>seen. > >>> > >>>I've looked all over the net and the manual, but I can't seem to find the > >>>solution for what I want. > >>> > >>>The system I'm creating keeps all user files in a folder outside the > >>>webserver, this is to say, any folder the admin defines, such as > >>>/home/john/webusers . > >>> > >>>The site shows all files contained in the userdir and lets him manipulate > >>>them. Of course, I want to let the users download their files, but as > >>> > >>> > >they > > > > > >>>aren't inside the webserver's "scope", I just can't simply link to them. > >>> > >>>Is there any way I can implement this? To download a file located at X > >>>directory, anywhere in the system? And taking security into > >>> > >>> > >consideration, > > > > > >>>of course. > >>> > >>>Thanks in advance, > >>> > >>>Daniel Silva > >>> > >>> > >>> > >>> > >>> > >>> > >>> > >>> > >>> > > > > > > > > > > > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
