PHP download management - Page 2
Page 2 of 2 FirstFirst 12
Results 11 to 17 of 17

Thread: PHP download management

  1. #11
    The Prancing Pirate
    Join Date
    Jul 2004
    Posts
    548
    Sure. Here's the code I used:
    PHP Code:
    <?php

    if(!empty($file_id) {
        
        switch (
    $file_id) {
        case 
    0:
           echo 
    "Please specify a file ID";
        case 
    1:
           
    header("Location: ./data/download1.zip");
           break;
        case 
    2:
           
    header("Location: ./data/download2.zip");
           break;
        default:
           echo 
    "No file found with that id";
        }
        
        exit();
        
    } else {
        echo 
    "Please specify a file ID";
    }

    ?&
    gt
    Thanks,

    -jk
    TAZForum <---- click

  2. #12
    Elite Hacker
    Join Date
    Mar 2003
    Posts
    1,407
    Do you have register_globals on? I think to do it like that you need register_globals on, unless you didn't include some code where you set $file_id = $_GET['file_id']. Otherwise, make all occurences of $file_id in your code $_GET['file_id'].

  3. #13
    The Prancing Pirate
    Join Date
    Jul 2004
    Posts
    548
    Hmm...aren't there any security issues in using register_globals? I seem to have read quite a lot of comments which advise against using it.

    I thought this was going to be easier - hehe! :S

    [edit] Changing all occurences of $file_id to $_GET['file_id'] didn't work either...
    TAZForum <---- click

  4. #14
    The Prancing Pirate
    Join Date
    Jul 2004
    Posts
    548
    Just for completeness... Here's how I did it in the end (I'm not sure where I got this from - kudos to the author):
    PHP Code:
    &lt;?php

    // Fix for IE catching or PHP bug issue
    header("Pragma: public");
    header("Expires: 0"); // set expiration time
    header("Cache-Control: must-revalidate, post-check=0, pre-check=0");
    // browser must download file from server instead of cache

    // Force download dialog
    header("Content-Type: application/force-download");
    header("Content-Type: application/octet-stream");
    header("Content-Type: application/download");

    // Path to file and filename
    $path "data/Filetodownload.zip";
    $filename "Filetodownload.zip";

    // Use the Content-Disposition header to supply a
    // recommended filename and
    // force the browser to display the save dialog.
    header("Content-Disposition: attachment; filename=".$filename.";");
    header("Content-Transfer-Encoding: binary");
    header("Content-Length: ".filesize($path));

    readfile($path); 

    ?&
    gt
    It wouldn't be hard to add cases in there, etc.

    However, I have a question (which I am unable to try out for myself at the moment) - if you used this method to download a file, would you be able to work out the actual location of the file by sniffing and inspecting the packets with Wireshark?

    Thanks,

    -jk
    TAZForum <---- click

  5. #15
    Elite Hacker
    Join Date
    Mar 2003
    Posts
    1,407
    That's a good question, and I believe the answer is no. I remember trying that once and that header you're returning looks very familiar. The reason I tried it is because I use command line with wget on nix, and I was looking for URLs in a normal browser on windows, then typing them out on my linux box. And I couldn't get a direct path to a file that used something that was very similar, if not the same thing as what you describe.

  6. #16
    Senior Member
    Join Date
    Mar 2004
    Posts
    557
    Hi

    f you used this method to download a file, would you be able to work out the
    actual location of the file by sniffing and inspecting the packets with Wireshark?
    The answer, indeed, is no. The reason:

    1. The client himself has no access to the unparsed php-script, and thus to $path

    2. After parsing the php-script, there is no information left in the generated data
    (which is sent to the client) of $path. Basically, you are creating your own
    http-"application-packet". You could look at it simply with burpproxy[1].

    3. there is no information in lower layers about the path of the file.

    However, there might be a way to obtain the information - namely in the file, which
    you send, itself. Assume you are sending a word-document with the filepath-variable set ...


    Cheers

    [1] http://freshmeat.net/projects/burpproxy/
    If the only tool you have is a hammer, you tend to see every problem as a nail.
    (Abraham Maslow, Psychologist, 1908-70)

  7. #17
    The Prancing Pirate
    Join Date
    Jul 2004
    Posts
    548
    Thanks to both of you! sec_ware, you have a very good point - there are no fields in the header which display the location of the file, and so any collected packets wouldn't show up anything useful.

    Luckily, I modified the script beforehand to make sure this wasn't possible (although I wasn't sure if there was another method through which it could be obtained). The script previously read:
    PHP Code:
    header("Content-Disposition: attachment; filename=".$path.";"); 
    I then added the constant '$filename', and put that as the filename instead, because before any downloaded files would have the filename 'dir1-dir2-filename' (eg. 'data-Abstract.zip'), which gave away the original path

    Thanks

    -jk
    TAZForum <---- click

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •