PHP Generate File For Download Then Redirect

PHP generate file for download then redirect

I don't think this can be done - although I am not 100% sure.

The common thing (e.g. in popular download sites) is the reverse: first you go to the after page and then the download starts.

So redirect your users to the final page that (among other things) says:

Your download should start automatically. If not click [a href="create_csv.php"]here[/a].

As about initiating the download (e.g. automatically calling create_csv.php) you have many options:

  • HTML: [meta http-equiv="refresh" content="5;url=http://site/create_csv.php"]
  • Javascript: location.href = 'http://site/create_csv.php';
  • iframe: [iframe src="create_csv.php"][/iframe]

How to download a file then redirect to another page in php?

Best bet is to turn your page order around a little bit. Set up a page that's a "thank you for downloading this sample" page, and have it set up to do a javascript refresh that actually takes you to the download. As it's a download, not a new page, the thank you page will still be there. In case they don't have javascript on the browser, put a link to the actual file.

You could have a page for each file, but best bet would be to pass the filename in as a get var, i.e. ThankYou.php?file=sample.pdf

Force download with PHP then redirect

  1. You can't hide a file location. It'll be plainly visible to anybody determined enough to find it, by the very necessity that the browser needs to know the URL to download the file.
  2. You can't do it with two header redirects in succession, as you said. You can only redirect to a different page after some timeout using Javascript.

There really isn't much choice. If your primary goal is to hide the URL, that's a lost cause anyway. For good usability, you usually include the plain link on the page anyway ("Download doesn't start? Click here..."), since the user may accidentally cancel the redirect at just the wrong time to irrevocably kill the download.

You cannot output anything other than the file itself in the same request/response. You could try multi-part HTTP responses as suggested by @netcoder, but I'm not really sure how well that's supported. Just start with the assumption that there's one "wasted" request/response in which only the file is downloaded and nothing else happens. The way things usually work with this restriction is like this:

  • User clicks "download" link or submits form with his email address or whatever is required to initiate the download process.
  • Server returns the "Thank you for downloading from us! Your download will start shortly..." page.
  • This page contains Javascript or a <meta> refresh or HTTP Refresh header that causes a delayed redirect to the URL of the file.
  • The "Thank you" page will "redirect" to the file location, but since this causes the file to download, the page will not visibly change, only the download will be initiated.

Look at for an example of this in action.

You can make the download location for the file be a script that only returns the file if the user is allowed to download the file. You can pass some temporary token between the "Thank you" page and the file download page to verify that the download is allowed.

Redirect after download xml file

Well because you send the header and content this can't be done.

You have to redirect first and then let the file download on the target site.

how to redirect to linkpage after download

Try the following to download the file.

header('Content-Disposition: attachment; filename="'.$Down.'"');

PHP link/request to download file then delete it immediately

There are a few components to getting this to work. Without knowing which framework you use, I'll use comments as placeholders.

There is no way to do it without using the header function, though.

Here is the source for a file that outlines the process:

$fileid = $_GET['fileid'];
$key = $_GET['key'];

// find the file in the database, and store it in $file
if ($keyMatches) {
// it is important for security to only use file paths from the database
$actualPath = $file->getPathOnDisk();

$fileInfo = finfo_open(FILEINFO_MIME_TYPE);
$mime = finfo_file($fileInfo, $actualPath);

$fp = fopen($actualPath, 'rb');
header("Content-Type: " . $mime);
header("Content-Length: " . filesize($actualPath));
http_response_code(403); // forbidden

You'll use this by linking to download.php?fileid=1234&key=foobar, and generating the URL at the same time you generate the key and store it in the database.

For security, you'll keep the files outside of the web root, meaning they cannot be accessed through the web server without going through a script.

fpassthru is reasonably fast, and will not likely have a performance impact.

Related Topics

Leave a reply