From: "Jacob Kruger" on
Ok, worked perfectly.

Only thing had to remember was to first move all html headers markup tags
below the relevant header commands, or else it seemed to include them in the
data stream, and therefore corrupt the document a bit.

Thank you for the help.

Stay well

Jacob Kruger
Blind Biker
Skype: BlindZA
'...fate had broken his body, but not his spirit...'

----- Original Message -----
From: "Richard Quadling" <rquadling(a)googlemail.com>
To: "Jacob Kruger" <jacobk(a)mailzone.co.za>
Cc: <php-windows(a)lists.php.net>
Sent: Wednesday, January 27, 2010 1:20 PM
Subject: Re: [PHP-WIN] Server side redirection - yet again


> 2010/1/27 Jacob Kruger <jacobk(a)mailzone.co.za>:
>> Makes sense, and sort of what thought would be possible/doable.
>>
>> Will look into it - off-hand, what function etc. do you use to set
>> document/response headers?
>>
>> TIA
>>
>> Jacob Kruger
>> Blind Biker
>> Skype: BlindZA
>> '...fate had broken his body, but not his spirit...'
>>
>> ----- Original Message ----- From: "Richard Quadling"
>> <rquadling(a)googlemail.com>
>> To: "Jacob Kruger" <jacobk(a)mailzone.co.za>
>> Cc: <php-windows(a)lists.php.net>
>> Sent: Wednesday, January 27, 2010 12:42 PM
>> Subject: Re: [PHP-WIN] Server side redirection - yet again
>>
>>
>>> 2010/1/27 Jacob Kruger <jacobk(a)mailzone.co.za>:
>>>>
>>>> I know this most likely isn't possible, and am currently using
>>>> javascript,
>>>> along with using PHP script in each page to just double check a session
>>>> login before displaying page content to make sure the user/person
>>>> browsing
>>>> the specific page is in fact logged in, etc., but I now have a word
>>>> document
>>>> that would be nice to make downloadable from the members section of a
>>>> website, but not sure how it would be possible to really stop someone
>>>> from
>>>> downloading the file if, for whatever reason they had the direct URL
>>>> for
>>>> it,
>>>> without sort of never really offering that to anyone without having
>>>> sort
>>>> of
>>>> redirected them via backend to get the file - sort of like maybe
>>>> loading
>>>> the
>>>> file into a buffer of sorts, setting the response file type, and then
>>>> sending it to them - not sure how possible/doable this is via PHP, or
>>>> on
>>>> a
>>>> linux server?
>>>>
>>>> I know I could alternatively just create an HTML file bazsed on the
>>>> word
>>>> document, and then implement the PHP session checking into it, etc.,
>>>> but
>>>> would really prefer to just keep the document unchanged as such.
>>>>
>>>> Stay well
>>>>
>>>> Jacob Kruger
>>>> Blind Biker
>>>> Skype: BlindZA
>>>> '...fate had broken his body, but not his spirit...'
>>>>
>>>>
>>>> __________ Information from ESET NOD32 Antivirus, version of virus
>>>> signature
>>>> database 4808 (20100126) __________
>>>>
>>>> The message was checked by ESET NOD32 Antivirus.
>>>>
>>>> http://www.eset.com
>>>>
>>>>
>>>>
>>>>
>>>> --
>>>> PHP Windows Mailing List (http://www.php.net/)
>>>> To unsubscribe, visit: http://www.php.net/unsub.php
>>>>
>>>>
>>>
>>> Step 1 would be to put the document outside of the
>>> doc_root/public_html/etc. That way there is no direct URL.
>>>
>>> Step 2 would be to create a downloader which validates the session and
>>> if all is well, issues the appropriate headers to force a download and
>>> then readfile() the document.
>>>
>>> No direct access to the download. Must be validated to get the
>>> download. Simple to implement.
>>>
>>> --
>>> -----
>>> Richard Quadling
>>> "Standing on the shoulders of some very clever giants!"
>>> EE : http://www.experts-exchange.com/M_248814.html
>>> EE4Free : http://www.experts-exchange.com/becomeAnExpert.jsp
>>> Zend Certified Engineer :
>>> http://zend.com/zce.php?c=ZEND002498&r=213474731
>>> ZOPA : http://uk.zopa.com/member/RQuadling
>>>
>>> --
>>> PHP Windows Mailing List (http://www.php.net/)
>>> To unsubscribe, visit: http://www.php.net/unsub.php
>>>
>>>
>>> __________ Information from ESET NOD32 Antivirus, version of virus
>>> signature database 4809 (20100127) __________
>>>
>>> The message was checked by ESET NOD32 Antivirus.
>>>
>>> http://www.eset.com
>>>
>>>
>>>
>>
>>
>> __________ Information from ESET NOD32 Antivirus, version of virus
>> signature
>> database 4809 (20100127) __________
>>
>> The message was checked by ESET NOD32 Antivirus.
>>
>> http://www.eset.com
>>
>>
>>
>>
>
> Edited code from one of my classes...
>
> <?php
> // Do your session validation and redirection first.
>
> // You will need to have something like $_GET['FileID'] to determine which
> file.
>
> // You will need to translate the $_GET['FileID'] to the actual file
> name => $PhysicalFileName
>
> // I use the following headers to force a downloads.
>
> // You can change the Content-Type to application/msexcel of Excel or
> application/pdf for Adobe Acrobat files, etc.
>
> header('HTTP/1.1 200 OK', True, 200);
> header('Content-Description: File Transfer');
> header('Content-Type: application/msword');
> header('Content-Disposition: attachment; filename="document.doc"');
> header('Content-Transfer-Encoding: binary');
> header('Expires: 0');
> header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
> header('Pragma: public');
> header('Content-Length: ' . filesize($PhysicalFileName));
>
> // readfile() will simply pass the file from the drive straight to the
> client.
> readfile($PhysicalFileName);
>
> // Exit to close the process.
> exit;
>
>
> --
> -----
> Richard Quadling
> "Standing on the shoulders of some very clever giants!"
> EE : http://www.experts-exchange.com/M_248814.html
> EE4Free : http://www.experts-exchange.com/becomeAnExpert.jsp
> Zend Certified Engineer : http://zend.com/zce.php?c=ZEND002498&r=213474731
> ZOPA : http://uk.zopa.com/member/RQuadling
>
> __________ Information from ESET NOD32 Antivirus, version of virus
> signature database 4809 (20100127) __________
>
> The message was checked by ESET NOD32 Antivirus.
>
> http://www.eset.com
>
>
>


__________ Information from ESET NOD32 Antivirus, version of virus signature database 4810 (20100127) __________

The message was checked by ESET NOD32 Antivirus.

http://www.eset.com



From: Richard Quadling on
2010/1/27 Jacob Kruger <jacobk(a)mailzone.co.za>:
> Ok, worked perfectly.
>
> Only thing had to remember was to first move all html headers markup tags
> below the relevant header commands, or else it seemed to include them in the
> data stream, and therefore corrupt the document a bit.

I wouldn't expect there to be any HTML tags in this script. It should
do 1 of 3 things.

1 - Issue a redirect header to the login/home page if the session is invalid.
2 - Do nothing if the requested document id is invalid - though you
may want to do something different.
3 - Output the headers and the document.

--
-----
Richard Quadling
"Standing on the shoulders of some very clever giants!"
EE : http://www.experts-exchange.com/M_248814.html
EE4Free : http://www.experts-exchange.com/becomeAnExpert.jsp
Zend Certified Engineer : http://zend.com/zce.php?c=ZEND002498&r=213474731
ZOPA : http://uk.zopa.com/member/RQuadling
From: "Jacob Kruger" on
Ok, also makes sense.

Only thing is was making use of javascript to handle redirection since was
pretty sure there wasn't/couldn't find the relevant documentation on
redirecting headers - obviously haven't done enough research recently
<smile>

In past using ASP/ASP.Net I would have made use of something like
Response.Redirect, but when I looked for something like this in PHP around a
year or two ago, I didn't seem to find it, but will look again - thanks for
the wake up.

Stay well

Jacob Kruger
Blind Biker
Skype: BlindZA
'...fate had broken his body, but not his spirit...'

----- Original Message -----
From: "Richard Quadling" <rquadling(a)googlemail.com>
To: "Jacob Kruger" <jacobk(a)mailzone.co.za>
Cc: <php-windows(a)lists.php.net>
Sent: Wednesday, January 27, 2010 3:54 PM
Subject: Re: [PHP-WIN] Server side redirection - yet again


> 2010/1/27 Jacob Kruger <jacobk(a)mailzone.co.za>:
>> Ok, worked perfectly.
>>
>> Only thing had to remember was to first move all html headers markup tags
>> below the relevant header commands, or else it seemed to include them in
>> the
>> data stream, and therefore corrupt the document a bit.
>
> I wouldn't expect there to be any HTML tags in this script. It should
> do 1 of 3 things.
>
> 1 - Issue a redirect header to the login/home page if the session is
> invalid.
> 2 - Do nothing if the requested document id is invalid - though you
> may want to do something different.
> 3 - Output the headers and the document.
>
> --
> -----
> Richard Quadling
> "Standing on the shoulders of some very clever giants!"
> EE : http://www.experts-exchange.com/M_248814.html
> EE4Free : http://www.experts-exchange.com/becomeAnExpert.jsp
> Zend Certified Engineer : http://zend.com/zce.php?c=ZEND002498&r=213474731
> ZOPA : http://uk.zopa.com/member/RQuadling
>
> --
> PHP Windows Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>
> __________ Information from ESET NOD32 Antivirus, version of virus
> signature database 4810 (20100127) __________
>
> The message was checked by ESET NOD32 Antivirus.
>
> http://www.eset.com
>
>
>


__________ Information from ESET NOD32 Antivirus, version of virus signature database 4810 (20100127) __________

The message was checked by ESET NOD32 Antivirus.

http://www.eset.com



From: "Jacob Kruger" on
Ok, just looked for and found the following header command that seems to
work perfectly:
header( 'Location: http://www.google.com/' );

I then just add an exit; command after it, and means don't have to worry
about corrupting markup, invalid browsers blocking javascript etc.

Stay well

Jacob Kruger
Blind Biker
Skype: BlindZA
'...fate had broken his body, but not his spirit...'

----- Original Message -----
From: "Richard Quadling" <rquadling(a)googlemail.com>
To: "Jacob Kruger" <jacobk(a)mailzone.co.za>
Cc: <php-windows(a)lists.php.net>
Sent: Wednesday, January 27, 2010 3:54 PM
Subject: Re: [PHP-WIN] Server side redirection - yet again


> 2010/1/27 Jacob Kruger <jacobk(a)mailzone.co.za>:
>> Ok, worked perfectly.
>>
>> Only thing had to remember was to first move all html headers markup tags
>> below the relevant header commands, or else it seemed to include them in
>> the
>> data stream, and therefore corrupt the document a bit.
>
> I wouldn't expect there to be any HTML tags in this script. It should
> do 1 of 3 things.
>
> 1 - Issue a redirect header to the login/home page if the session is
> invalid.
> 2 - Do nothing if the requested document id is invalid - though you
> may want to do something different.
> 3 - Output the headers and the document.
>
> --
> -----
> Richard Quadling
> "Standing on the shoulders of some very clever giants!"
> EE : http://www.experts-exchange.com/M_248814.html
> EE4Free : http://www.experts-exchange.com/becomeAnExpert.jsp
> Zend Certified Engineer : http://zend.com/zce.php?c=ZEND002498&r=213474731
> ZOPA : http://uk.zopa.com/member/RQuadling
>
> --
> PHP Windows Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>
> __________ Information from ESET NOD32 Antivirus, version of virus
> signature database 4810 (20100127) __________
>
> The message was checked by ESET NOD32 Antivirus.
>
> http://www.eset.com
>
>
>


__________ Information from ESET NOD32 Antivirus, version of virus signature database 4810 (20100127) __________

The message was checked by ESET NOD32 Antivirus.

http://www.eset.com