PHP force download script aborts after 4kb of mp4

apps

#1

I have used a forced download script on Dreamhost for a few years and I just realized today that it has stopped working.

Now it starts a forced download of my mp4 files, but the download aborts after 4kb.

Did something change on Dreamhosts servers and any suggestions to fix would be really appreciated.

Here is my script that was working and is unchanged:

<? /* // PHP FORCE DOWNLOAD SCRIPT author: pixeline website: http://www.pixeline.be last updated: 14 January 2009 */ $filename = urldecode($_GET['filename']); // converting url to local path so Apache can find the file. // force download: // required for IE, otherwise Content-disposition is ignored if (ini_get('zlib.output_compression')) ini_set('zlib.output_compression', 'Off'); $parsed_url = parse_url($filename); $fileinfo = pathinfo($filename); $parsed_url['extension'] = $fileinfo['extension']; $parsed_url['filename'] = $fileinfo['basename']; $parsed_url['localpath'] = $_SERVER['DOCUMENT_ROOT'] . $parsed_url['path']; // just in case there is a double slash created when joining document_root and path $parsed_url['localpath'] = preg_replace('/\/\//', '/', $parsed_url['localpath']); if (!file_exists($parsed_url['localpath'])) { die('File not found: ' . $parsed_url['localpath']); } $allowed_ext = array('mp4', 'wmv', 'pdf', 'png', 'jpg', 'jpeg', 'zip', 'doc', 'xls', 'gif', 'exe', 'ppt'); if (!in_array($parsed_url['extension'], $allowed_ext)) { die('This file type is forbidden.'); } switch ($parsed_url['extension']) { case "mp4": $ctype = "video/mp4"; break; case "wmv": $ctype = "video/x-ms-wmv"; break; case "pdf": $ctype = "application/pdf"; break; case "exe": $ctype = "application/octet-stream"; break; case "zip": $ctype = "application/zip"; break; case "doc": $ctype = "application/msword"; break; case "xls": $ctype = "application/vnd.ms-excel"; break; case "ppt": $ctype = "application/vnd.ms-powerpoint"; break; case "gif": $ctype = "image/gif"; break; case "png": $ctype = "image/png"; break; case "jpeg": case "jpg": $ctype = "image/jpg"; break; default: $ctype = "application/force-download"; } header("Pragma: public"); // required header("Expires: 0"); header("Cache-Control: must-revalidate, post-check=0, pre-check=0"); header("Cache-Control: private", false); // required for certain browsers header("Content-Type: $ctype"); header("Content-Disposition: attachment; filename=\"" . $parsed_url['filename'] . "\";"); header("Content-Transfer-Encoding: binary"); header("Content-Length: " . filesize($parsed_url['localpath'])); readfile($parsed_url['localpath']); exit(); ?>

#2

Please see: http://discussion.dreamhost.com/thread-128468.html

Using scripts to manage downloads causes weird problems, and may (such as in this case!) pose you a security risk. There are generally ways to get the same result using .htaccess.