Hi everyone,

I've brought this up before... but no one seemed to know at the time (and it was in a different forum). A cookie for anyone who can tell me how to get a PDF file from a directory that is NOT accessible from the web to be passed through to a visitor's browser such that it is opened in the browser (assuming the user has Acrobat/Reader installed).

This is what I've tried, to no avail...

$dir="C:/protected_files/"; //this is the "offline" directory in which the protected files are stored
if (isset($_REQUEST["file"])) { //checks to see if a file name was specified in the referring URL
   $file=$dir . $_REQUEST["file"]; //if so, the $file variable is set to the name that was specified

if (file_exists("$file")) { //checks to see if the requested file actually exists, and if it does, it gets passed through to download
    header("Content-type: application/pdf");
    header("Content-Transfer-Encoding: Binary");
    header("Content-length: " . filesize($file));
    header("Content-disposition: inline; filename=" . basename($file) . "");
}

Thanks a mil!

    Here's the code (well the part of code that displays the PDF) that i use

    $filename = '/path/to/pdf.pdf'; // i use linux for you it would be 'c:\\\\path\\\\to\\\\pdf.pdf'; (use \\\\ as \\ need to be escaped!)

header("Expires: Mon, 26 Jul 1997 05:00:00 GMT"); 
header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT"); 
header("Cache-Control: no-store, no-cache, must-revalidate"); 
header("Cache-Control: post-check=0, pre-check=0", false);
header("Pragma: no-cache");
header('Content-type: application/pdf');
readfile($filename);

    the REALLY important lines are, the last header line (this tells the browser the MIME type of the content to be sent. and the readfile() line.
    readfile() just passes the contents of anyfile straight to the browser with no parsing done. it can open ANY file on the SERVER'S filesystem (as long as the web-server user has read permissions on the file.) regardless of whether its in the web-server's DOCROOT.

    hope this helps.

    Jamie

      17 days later

      It sure does, Jamie, thanks! I tried the code you use, and that code will definitely prompt the file download dialog, but it won't allow a PDF file to open in Internet Explorer 6.1 for Win or Netscape 7.1 for Win.

      I did, however, do some research to figure out how to do the abovementioned. In case anyone else is interested, I found some nifty CGI script at http://www.delorie.com/web/headers.html, which lets you view the headers of any web-based content.

      I basically just copied the header information from a link that points directly to a PDF file (no PHP stuff) and included that information in my pdf_download.php file, and it works like a charm. The ticket was the E-Tag and Accept Ranges headers, which appear to be needed for the Acrobat Active-X control to read the file properly. Anyway, here's the code that works:

      <?php
$dir="C:/my/protected/files/"; //this is the "offline" directory; Win32 users can use foreward slashes, too, not just UNIX/LINUX/ETC
if (isset($_REQUEST["file"])) { //checks to see if a file name was specified in the referring URL
   $file = $dir . $_REQUEST["file"]; //if so, the $file variable is set to the name that was specified

if (file_exists("$file")) { //checks to see if the requested PDF file actually exists, and if it does, it gets passed through to download
	header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
	header("ETag: \"eb73-96795-4d7a1300\"");
	header("Accept-Ranges: bytes");
	header("Content-Length: " . filesize($file));
	header("Connection: close");
	header("Content-Type: application/pdf");
	readfile($file);
}

else {
	//say whatever you want to say if the file name supplied was not valid for whatever reason
	die();
}
}
?>

      Hope someone finds this useful. Hell, use it with an authentication
      script to serve up member-only documents or something.

      Ben

        Write a Reply...