Php download freezes or ends prematurely

Hello.

I’ve been having problems with downloading from my site for a while. I posted to a php forum and I was told to contact my hosting service because many avenues I’ve taken should have worked.

My current download script is this:

<?php $showName = $_GET['show']; header("Pragma: public"); header("Expires: 0"); header("Cache-Control: must-revalidate, post-check=0, pre-check=0"); header("Cache-Control: public"); header("Content-Description: File Transfer"); header("Content-Type: application/octet-stream"); header("Content-Transfer-Encoding: binary"); header("Content-Length: ".filesize($showName)); header("Content-Disposition: attachment; filename=\"$showName\""); readfile($showName); ?>

The download usually stops before 2 megabytes are downloaded.

The access log shows I’m getting a 500 internal error.

The error log says the file doesn’t exist, but I know that’s not true either! I say that because it does download something and the script used to work for me. I didn’t change anything. At first a few people told me they had this problem, but I could not reproduce it. Now it happens all the time and I doesn’t work for me either.

Someone suggested adding set_time_limit(0); Also tried changing Content-Type to force-download and adding clearstatcache() . None of these suggestions solved my problem.

I found this script online:
http://www.zubrag.com/scripts/download.php

It uses fopen and fread. When I use this script, I no longer see a 500 error. No error gets generated and the access log shows a 200 code, which is good.

The problem I’m having with this script is that it does download the entire file. It usually downloads at least 50% of it. Sometimes it’s well into the 90s. The mp3 will play until the file ends prematurely.

I know my problem stems from php because when I go to the podcast page, I can right-click/save the mp3s without a problem. There is also nothing wrong with the mp3s as the podcast downloads play perfectly as does the flash player that launches the files.

Is there some sort of php limitation? All the files are about 90MB since my shows are ~60 minutes.

Can anyone please help me?

Thanks!
-tony

> Is there some sort of php limitation? All the files are about 90MB…

Try turning off mod_security via .htaccess for a quick test.

<IfModule mod_security.c> SecFilterEngine Off </IfModule>
Maximum Cash Discount on any plan with MAXCASH

How To Install PHP.INI / ionCube on DreamHost

Ok, but can you please tell me where .htaccess is located? i’ve trolled through the directories in my account and don’t see that file.

Thanks!
-tony

I looked it up and I created a .htaccess file at the root of my site. So far, it looks like it’s working. Will have to do more extensive testing.

Thanks!
-tony

I wouldn’t suggest leaving mod_security off in a blanket state permanently.

After your testing period, if you discover everything is working while it’s off then the next step is to turn it off just for the file that handles the stream so that the download function works and mod_security still keeps the rest of your site safely under wraps.

Maximum Cash Discount on any plan with MAXCASH

How To Install PHP.INI / ionCube on DreamHost

I’ve spent time over the last week or so testing downloads.

I also asked friends from all over the place to try as well. With the exception of one person (who also seems to not be able to view any rss pages properly), everyone reported positive results.

Until last night, i had mod_security off. I noticed that launching my flash player accessed a site called snoreflash [dot] ru.

I quickly looked in my directories and noticed that all of my index and js files had been edited the other day. All of the index files had the same script at the end. The js files had a different script.

I removed all of these, but loading my flash player seems to still point to that russian site. I took down the player until I can diff the files against a backup tonight.

I’m not sure if this PHP hack is due to mod_security being off, but I’m definitely not turning it off like that again.

If I follow your suggestion of turning it off for that one file, can you tell me how to do that?

Would I only have an .htaccess file in the subfolder and have it open that file?

Thanks for your help and suggestions!
-tony

Yeah, mod_security is most certainly a good thing!

To turn it off just for download.php try:

SecFilterSelective REQUEST_URI "^/download\.php.*$" "allow,pass"

Maximum Cash Discount on any plan with MAXCASH

How To Install PHP.INI / ionCube on DreamHost

Hi !

You must use :

[php]<?php
function readfile_chunked ($filename) {
$chunksize = 1*(1024*1024); // how many bytes per chunk
$buffer = ‘’;
$handle = fopen($filename, ‘rb’);
if ($handle === false) {
return false;
}
while (!feof($handle)) {
$buffer = fread($handle, $chunksize);
print $buffer;
}
return fclose($handle);
}

$showName = $_GET[‘show’];

header(“Pragma: public”);
header(“Expires: 0”);
header(“Cache-Control: must-revalidate, post-check=0, pre-check=0”);
header(“Cache-Control: public”);
header(“Content-Description: File Transfer”);
header(“Content-Type: application/octet-stream”);
header(“Content-Transfer-Encoding: binary”);
header(“Content-Length: “.filesize($showName));
header(“Content-Disposition: attachment; filename=”$showName””);
readfile_chunked($showName);
?>[/php]

And… It’s GOOD