Posted by Oli Filth on 09/15/05 17:19

kachorro wrote:
> Hi all!
>
> Ive been working in jpg downloader for my site.
>
> The user chooses a pic and if he is a valid user, he is able to download the
> pic.
>
> My code is like that..
> <?
> ob_start()
> ?>
> if (picChoose()){
> if (validUser()){
> header (Location: downloader.php?img=1.jpg)
> }
> }else{
> echo from to select the pic
> }
> <?
> ob_flush()
> ?>
>

With the setup above, what's to stop the use just browsing straight to
downloader.php?img=... ?


> Calling the code in upper way the img is downloaded and downloaded ok,
> but, if i write the code like below
> if (validUser()){
> $fd=null, $buffer=null;
> if ($fd = fopen ($ruta, "r")) {
> $fsize = filesize($ruta);
> $infoRuta = pathinfo($ruta);
> $ext = strtolower($infoRuta["extension"]);
>
> header("Content-type: application/octet-stream");
> header("Content-Disposition: filename=\"".
> $infoRuta["basename"]."\"");
>
> header("Content-length: $fsize");
> header("Cache-control: private");
> while(!feof($fd)) {
> $buffer = fread($fd, 2048);
> }
> }
> fclose ($fd);
> exit;
> }
>
> it does not work properly

This code shouldn't do anything useful at all? All it will do is
overwrite $buffer with every 2KB of the image file, and output nothing!
(other than the headers)


--
Oli

• Next in forum: Custom encoding - compressing string
• Prev in forum: Re: permission denied while include file
• Thread view: Re: jpg downloader

[Reply to this message]