Redirecting a user to a file without invoking .htaccess...

faydra92

How can you redirect a user to a file without invoking .htaccess?

readfile("file");

will not work, as php can time out, or stop responding, or use too much ram, etc..

header("Location: file");
will not work either.. as this will invoke .htaccess

can anyone think of anyway to redirect a user to a file without invoking htaccess?

Mordecai

Use fopen() and fread(). They can time out, like readfile(), but there's nothing better.

faydra92

is there any way to redirect without invoking htaccess?

John_Canyon

What exactly are you trying to accomplish?

Are you trying to feed them a download?

Are you trying to redirect them if they have reached
a page that no longer exists?

Maybe you can clarify a little more for newbs like myself 😃

a redirect would look something like this:
header("location: http://yoururl.com");

Cheers

superwormy

fopen() or readfile() are your best bets. You can change the amount of memory PHP is allowed to use, adn you can set_time_limit(0) to make it not time out.

faydra92

Originally posted by John Canyon
What exactly are you trying to accomplish?

Are you trying to feed them a download?

Are you trying to redirect them if they have reached
a page that no longer exists?

Maybe you can clarify a little more for newbs like myself 😃

a redirect would look something like this:
header("location: http://yoururl.com");

Cheers

by using header(location: url), it invokes htaccess (unless someone knows how to change that)

Weedpacket

Question: why do you want to prevent invocation of .htaccess on redirect? Isn't that like saying "I want my security to be avoided"?

If the client asks the server for a resource, the server is going to look at .htaccess or equivalent to see if the client is allowed access to it. That's the whole point. All a Location: header does is tell the client to "request this URL". If and when the client does then that's a whole new request.

You've been given alternatives, but you'd be better off fixing your access control (if it didn't need fixing you wouldn't need to bypass it).

faydra92

Originally posted by Weedpacket
Question: why do you want to prevent invocation of .htaccess on redirect? Isn't that like saying "I want my security to be avoided"?

If the client asks the server for a resource, the server is going to look at .htaccess or equivalent to see if the client is allowed access to it. That's the whole point. All a Location: header does is tell the client to "request this URL". If and when the client does then that's a whole new request.

You've been given alternatives, but you'd be better off fixing your access control (if it didn't need fixing you wouldn't need to bypass it).

lets say i redirect all requests *.jpg to a php file.. now, if the php file checks referrer, ip and anything else id like to check, and says "ok this user can download the file". the php file tries to redirect the user to the requested jpg file. but guess what, that request is caught by htaccess, and htaccess points to the php file, the php file back to htaccess - an infinite loop is created.

i need php to redirect the user to the file, WITHOUT invoking htaccess - either with a change in the php file, or htaccess itself.

Weedpacket

And why do you want to have .jpg requests redirected to .php requests? Is that to prevent users from using a URL to obtain the images directly without going through the script? But then you want the script to give them a URL that they can use to obtain the images directly without going through the script? Sounds very confused.

Maybe you should concentrate more on why you're having problems with readfile() et al.

superwormy

From what I gather, you're trying to restrict access to certain files UNLESS the user is logged in.

So you don't want your visitors to be able to get at a file unless PHP says they are allowed to get it. Correct? Something of an online purchase system, buy a picture, but you can't see and download it until after you've paid. Yes?

From that standpoint, you have just a few options that I know of.
www.php.net/readfile
www.php.net/fopen
www.php.net/fpassthru

There is absolutely no reason that those should not work for you.

If you have memory issues, you can increase the memory limit in your php.ini file or use ini_set()

This IS NOT redirecting the user, it is feeding the user a file stream. There is absoultely NO WAY you can REDIRECT the user to the file without invoking .htaccess ( that I know of anyway )

If that will not work for osme reason, you need to explain to us why it won't work for you, so we can see if we can find a way around it.

Furthermore, you SHOULD NOT be using HTTP_REFERER ( the referer ) and you SHOULD NOT be using REMOTE_ADDR ( the IP addr. ) to check whether or not a user is allowed to get a file. HTTP_REFERER is set on the client side, and IP addresses regularly change ON EACH REQUEST for AOL users, can be teh same for many people over Proxy / NAT / Router and can be spoofed.