【问题标题】:File download problem with phpphp文件下载问题
【发布时间】:2011-04-10 11:25:12
【问题描述】:

我的文件下载脚本有问题。我在以下网址中找到了一个脚本- http://www.tutorialchip.com/php-download-file-script/ 该脚本在本地(wamp 服务器)中运行良好。但不能在服务器中工作。它只是转到“download.php?f=Track_01_test.mp3”。这是一个空白页。我正在使用下载路径 -

$download_path = $_SERVER['DOCUMENT_ROOT']."songs/main_songs/"

对于下载链接,我正在使用 -

<a href="download.php?f=2008_Track_02_We_Love_Bangladesh.mp3">Track-02-We Love Bangladesh.mp3</a>

谁能帮我解决这个问题,或者提出更好的方法/脚本?谢谢。


这是另一个脚本。这也适用于本地,但在服务器中存在问题。

<?php

###############################################################
# File Download 1.31
###############################################################
# Visit http://www.zubrag.com/scripts/ for updates
###############################################################
# Sample call:
#    download.php?f=phptutorial.zip
#
# Sample call (browser will try to save with new file name):
#    download.php?f=phptutorial.zip&fc=php123tutorial.zip
###############################################################

// Allow direct file download (hotlinking)?
// Empty - allow hotlinking
// If set to nonempty value (Example: example.com) will only allow downloads when referrer contains this text
define('ALLOWED_REFERRER', '');

// Download folder, i.e. folder where you keep all files for download.
// MUST end with slash (i.e. "/" )
//echo ;
//example link - <a href="download.php?d=main_songs&f=2008_Track_02_We_Love_Bangladesh.mp3">Track-02-We Love Bangladesh.mp3</a>
define('BASE_DIR',$_SERVER["DOCUMENT_ROOT"].'/songs/'.$_REQUEST['d']);

// log downloads?  true/false
define('LOG_DOWNLOADS',true);

// log file name
define('LOG_FILE','downloads.log');

// Allowed extensions list in format 'extension' => 'mime type'
// If myme type is set to empty string then script will try to detect mime type 
// itself, which would only work if you have Mimetype or Fileinfo extensions
// installed on server.
$allowed_ext = array (

  // archives
  'zip' => 'application/zip',

  // documents
  'pdf' => 'application/pdf',
  'doc' => 'application/msword',
  'xls' => 'application/vnd.ms-excel',
  'ppt' => 'application/vnd.ms-powerpoint',
  'html' => 'application/msaccess',
  'htm' => 'application/msaccess',

  // executables
  'exe' => 'application/octet-stream',

  // images
  'gif' => 'image/gif',
  'png' => 'image/png',
  'jpg' => 'image/jpeg',
  'jpeg' => 'image/jpeg',

  // audio
  'mp3' => 'audio/mpeg',
  'wav' => 'audio/x-wav',

  // video
  'mpeg' => 'video/mpeg',
  'mpg' => 'video/mpeg',
  'mpe' => 'video/mpeg',
  'mov' => 'video/quicktime',
  'avi' => 'video/x-msvideo'
);



####################################################################
###  DO NOT CHANGE BELOW
####################################################################

// If hotlinking not allowed then make hackers think there are some server problems
if (ALLOWED_REFERRER !== ''
&& (!isset($_SERVER['HTTP_REFERER']) || strpos(strtoupper($_SERVER['HTTP_REFERER']),strtoupper(ALLOWED_REFERRER)) === false)
) {
  die("Internal server error. Please contact system administrator.");
}

// Make sure program execution doesn't time out
// Set maximum script execution time in seconds (0 means no limit)
set_time_limit(0);

if (!isset($_GET['f']) || empty($_GET['f'])) {
  die("Please specify file name for download.");
}

// Nullbyte hack fix
if (strpos($_GET['f'], "\0") !== FALSE) die('');

// Get real file name.
// Remove any path info to avoid hacking by adding relative path, etc.
$fname = basename($_GET['f']);

// Check if the file exists
// Check in subfolders too
function find_file ($dirname, $fname, &$file_path) {

  $dir = opendir($dirname);

  while ($file = readdir($dir)) {
    if (empty($file_path) && $file != '.' && $file != '..') {
      if (is_dir($dirname.'/'.$file)) {
        find_file($dirname.'/'.$file, $fname, $file_path);
      }
      else {
        if (file_exists($dirname.'/'.$fname)) {
          $file_path = $dirname.'/'.$fname;
          return;
        }
      }
    }
  }

} // find_file

// get full file path (including subfolders)
$file_path = '';
find_file(BASE_DIR, $fname, $file_path);

if (!is_file($file_path)) {
  die("File does not exist. Make sure you specified correct file name."); 
}

// file size in bytes
$fsize = filesize($file_path); 

// file extension
$fext = strtolower(substr(strrchr($fname,"."),1));

// check if allowed extension
if (!array_key_exists($fext, $allowed_ext)) {
  die("Not allowed file type."); 
}

// get mime type
if ($allowed_ext[$fext] == '') {
  $mtype = '';
  // mime type is not set, get from server settings
  if (function_exists('mime_content_type')) {
    $mtype = mime_content_type($file_path);
  }
  else if (function_exists('finfo_file')) {
    $finfo = finfo_open(FILEINFO_MIME); // return mime type
    $mtype = finfo_file($finfo, $file_path);
    finfo_close($finfo);  
  }
  if ($mtype == '') {
    $mtype = "application/force-download";
  }
}
else {
  // get mime type defined by admin
  $mtype = $allowed_ext[$fext];
}

// Browser will try to save file with this filename, regardless original filename.
// You can override it if needed.

if (!isset($_GET['fc']) || empty($_GET['fc'])) {
  $asfname = $fname;
}
else {
  // remove some bad chars
  $asfname = str_replace(array('"',"'",'\\','/'), '', $_GET['fc']);
  if ($asfname === '') $asfname = 'NoName';
}

// set headers
header("Pragma: public");
header("Expires: 0");
header("Cache-Control: must-revalidate, post-check=0, pre-check=0");
header("Cache-Control: public");
header("Content-Description: File Transfer");
header("Content-Type: $mtype");
header("Content-Disposition: attachment; filename=\"$asfname\"");
header("Content-Transfer-Encoding: binary");
header("Content-Length: " . $fsize);

// download
// @readfile($file_path);
$file = @fopen($file_path,"rb");
if ($file) {
  while(!feof($file)) {
    print(fread($file, 1024*8));
    flush();
    if (connection_status()!=0) {
      @fclose($file);
      die();
    }
  }
  @fclose($file);
}

// log downloads
if (!LOG_DOWNLOADS) die();

$f = @fopen(LOG_FILE, 'a+');
if ($f) {
  @fputs($f, date("m.d.Y g:ia")."  ".$_SERVER['REMOTE_ADDR']."  ".$fname."\n");
  @fclose($f);
}

?>

【问题讨论】:

  • 您能否提供更多代码来帮助了解这些内容(以防我们不熟悉该脚本),并更详细地比较它在本地服务器上的工作方式,而不是在其他服务器上的工作方式服务器?例如,主要区别是什么?它们发生在代码的什么地方?
  • 你检查过允许php打开服务器上指定目录下的文件吗?
  • 如何检查?我在我的问题中添加了更多代码。请看一看。

标签: php download


【解决方案1】:

您的代码正在滥用suppress errors operator (@) 并且没有提供报告错误的替代方法,因此您基本上是在指示服务器在出现故障时显示空白页。此外,如果您碰巧将display_errors 指令设置为off,如果出现其他类型的问题,PHP 将默默地死掉。

我的建议是:

在顶部或您的脚本上启用完整的错误报告:

error_reporting(E_ALL);
ini_set('display_errors', TRUE);

移除 @ 运算符,以便能够查看错误消息。

如果出现错误,请提供替代输出:

if ($f) {
   // ...
}else{ // <-- Add one of this
   // Do something if there's an error: print it on screen, log it...
}

【讨论】:

  • 我已经按照您的指示做了事情,变得有点幸运了。一些文件正在下载。但最大值不是。显示 - “文件不存在。确保您指定了正确的文件名。”你可以看到我的主要网站 - celebratinglifebd.com/download-songs.php。尝试下载一些歌曲。第一个下载,但第二个没有。我提供的文件名是正确的。所以我不明白为什么它显示文件不存在。
  • 很可能,因为文件名正确。请注意,Unix 区分大小写:song.mp3Song.mp3 不同。
  • 将文件重命名为小写。我认为这解决了问题。非常感谢。
猜你喜欢
  • 2023-04-10
  • 2011-02-07
  • 2013-11-02
  • 1970-01-01
  • 1970-01-01
  • 1970-01-01
  • 1970-01-01
  • 2018-02-10
  • 2017-11-02
相关资源
最近更新 更多