Posted by davidkruger on 07/27/07 20:15

On Jul 27, 2:19 pm, davidkru...@techie.com wrote:
> Hi, I have a script setup that is used for reading binary data from
> files that is stored in a mysql blob field. This is not a question
> regarding the mysql and data accessing, but what I am wanting to do is
> instead of just being able to pass the file ID in the URL without
> authenticating to the page prior, that page will return with a message
> saying not logged in, and not allowing the file to be accessed/
> downloaded from the webpage. The PHP code I have to accomplish this
> is following:
>
> <?php
>
> session_start();
> $username=$_SESSION["username"];
> $userhash=$_SESSION["userhashed"];
> $authenticated=$_SESSION["authenticated"];
>
> if (sha1($username.$authenticated) != $userhash) {
> session_destroy();
> print "NOT LOGGED IN!<br>\n";
> exit;
>
> }
>
> if (isset($_GET["id"])) {
>
> include '../config.php';
>
> include '../functions.php';
>
> $sql = "SELECT bin_data FROM $dl_tbl WHERE RECID=".$_GET["id"];
>
> $file_dta_qry = "SELECT filename,filesize,filetype FROM $dl_tbl
> WHERE RECID=".$_GET["id"];
>
> $file_dta = run_query($file_dta_qry);
>
> $file_info = split(":field:",$file_dta[0]);
>
> $result = run_query($sql);
>
> $data = $result[0];
>
> $name = $file_info[0];
>
> $size = $file_info[1];
>
> $type = $file_info[2];
>
> header("Content-type: $type");
>
> header("Content-length: $size");
>
> if ($type != "application/pdf") {
>
> header("Content-Disposition: attachment; filename=$name");
>
> }
>
> header("Content-Description: PHP Generated Data");
>
> echo $data;
>
> }
>
> ?>
>
> However, the problem that I am having is even if the user is
> authenticated to the page, it is executing the code that results in
> the NOT LOGGED IN! message. I have had this on a back burner for a
> while now, but I am certain it is something really simple that I am
> just overlooking or something. Could anyone offer some help with what
> might be the cause? I use sha1 command to check if the authentication
> is valid, and use the same code in other pages without problems, but
> am having trouble with this one for some reason.

I managed to find a solution to my problem described in the previous
posts. It is something caused by some caching size limitation in IE.
After I found some info on the zend site, it corrected the issue for
me. The code changes I made are following, which have corrected my
issue:

if (strpos($_SERVER['HTTP_USER_AGENT'],'MSIE')) {
session_cache_limiter("public");
}
ob_start();
session_start();
ob_end_flush();

• Next in forum: Re: fopen - append works, write fails (but file is truncated)
• Prev in forum: Re: Authentication for File downloads
• Thread view: Re: Authentication for File downloads

[Reply to this message]