Php, File Download

Apache is downloading php files instead of displaying them

The correct AddType for php is application/x-httpd-php

AddType  application/x-httpd-php         .php
AddType  application/x-httpd-php-source  .phps

Also make sure your php module is loaded

LoadModule php5_module        modules/mod_php55.so

When you're configuring apache then try to view the page from another browser - I've had days when chrome stubbornly caches the result and it keeps downloading the source code while in another browser it's just fine.

PHP readfile() download exact copy of the original file

The problem is most certainly the inclusion of PHP files that contain HTML.
If the PHP parser encounters anything else outside of a <?php ?> tag, which will get echoed as a string to whatever client accepting it (your browser, as a file).

If such inclusion happens around your actual download logic, as in your case with staff_header.php, which contains the HTML seen in your output right before the actual file content, you, of course, end up with a file containing both, the HTML and the file contents and probably even in the wrong encoding.

The possible solutions vary and since you are already working on a low level of PHP with including files and such, it would probably suffice if you moved the download logic right before including your staff_header.php.

As the download code exits, the header won't ever be included if your download happens, but be aware that generally, mixing up logic like this is rather unclean.

I'd recommend to keep this kind of logic seperated and managed on higher order, even if it's just another PHP file containing an if-clause that decides whether the download or the HTML logic should be executend.

PHP file download not recognizing file type in Chrome and Edge

can you try:

header("Content-Disposition: attachment; filename=\"$title\".mp3");

to see if the title does not contain the extension

How to force a file to download in PHP

If you want to force a download, you can use something like the following:

<?php
    // Fetch the file info.
    $filePath = '/path/to/file/on/disk.jpg';

    if(file_exists($filePath)) {
        $fileName = basename($filePath);
        $fileSize = filesize($filePath);

        // Output headers.
        header("Cache-Control: private");
        header("Content-Type: application/stream");
        header("Content-Length: ".$fileSize);
        header("Content-Disposition: attachment; filename=".$fileName);

        // Output file.
        readfile ($filePath);                   
        exit();
    }
    else {
        die('The provided file path is not valid.');
    }
?>

If you simply link to this script using a normal link the file will be downloaded.

Incidentally, the code snippet above needs to be executed at the start of a page (before any headers or HTML output had occurred.) Also take care if you decide to create a function based around this for downloading arbitrary files - you'll need to ensure that you prevent directory traversal (realpath is handy), only permit downloads from within a defined area, etc. if you're accepting input from a $_GET or $_POST.

Download file using php script, one at time

Moving the comment down here for anyone interested.

The function that I had to come up with was a unique download link after a payment had been processed. These are the steps that were taken.

Process the Payment and capture IP address, file and path of the downloadable file - save this information to the database.
Once payment has been deducted successfully, trigger a function that generates a unique token, e.g: sha1(microtime().$transactionid), and save this to the database (note: please don't use microtime() in production, use a random string generator).
Using .htaccess we generated a download link, e.g.: http://domain.com/download/<token> the .htaccess contents:
```
RewriteRule ^download/([a-z0-9-]) /download.php?token=$1
```
Optional: If their IP matches what we have in the database, go ahead and allow the user to download the file. If it doesn't, we ask the user to log in so we can update their IP address and begin downloading.
Once you have the token, you can pretty much do any form of validation you would like from here, such as preventing multiple downloads by adding a column in the database download_downloaded INT(1) DEFAULT 0 where if it is set to 1, then it has been downloaded. I would suggest giving the user about a day before locking them out after downloading, just in case their file was corrupt in the process.
Any other additional items, such as download counter etc.
Finally use your code above after to start the download. I would have it structured a little differently though.

download.php

$token = $_GET['token'];
$allow_download = FALSE; // Can never be too careful..

...
//Database lookup to get the file ID
...

$file = "c:/test.avi"; // now from the database call
$title = "Test Video";

// Do any additional validation here
// returns TRUE or FALSE (Boolean) -- Custom function to query the database
$allow_download = check_if_downloadable('user_id', 'file_id', 'token_id');
record_download('user id', 'file id');

// After validation is complete, allow them to download
if ($allow_download === TRUE){
    header("Pragma: public");
...

If a user lost their download link (as it has happened many times), we show their download link on their member home page once they have logged in, and they can start downloading again (if you allow it).

I hope this helps. I'm sorry that I can't give out some code examples at this time.

Most of this is just querying the database.