强制下载文件已损坏

时间:2017-10-04 15:36:51

标签: php wordpress pdf force-download

我在wordpress网站上运行已修补的下载脚本。文件下载,没有扩展名,甚至当我手动更改扩展名时,文件似乎已损坏。我一直在测试pdf文件而没有运气。它似乎工作正常之前我得到的是损坏的文件。代码如下:

      $resource = $wpdb->get_row("SELECT * FROM ". TABLE_RESOURCES .                " WHERE ID = $resource_id",ARRAY_A);

      $file_path = $resource['url'];

      error_log($file_path);//https://xxxxxxx.wpengine.com/wp-content/uploads/2014/09/Notes_Rainy-Day-Games.pdf
      $fname = $resource['name'];
      error_log($fname);//Rainy Day Games Handout
      $allowed_ext = array (

      // archives
      'zip' => 'application/zip',

      // documents
      'pdf' => 'application/pdf',
      'csv' => 'text/csv',
      'doc' => 'application/msword',
      'docx' => 'application/msword',
      'xls' => 'application/vnd.ms-excel',
      'xlsx' => 'application/vnd.ms-excel',
      'ppt' => 'application/vnd.ms-powerpoint',
      'pptx' => 'application/vnd.openxmlformats-  officedocument.presentationml.presentation',
      'txt' => 'application/txt',
      'rtf' => 'application/txt',

      // executables
      //'exe' => 'application/octet-stream',

      // images
      'gif' => 'image/gif',
      'png' => 'image/png',
      'jpg' => 'image/jpeg',
      'jpeg' => 'image/jpeg',
      'bmp' => 'image/bmp'
     );

    // Make sure program execution doesn't time out
    set_time_limit(0);

    // file size in bytes
    $head = array_change_key_case(get_headers($file_path, TRUE));
    $fsize = $head['content-length'];
    $fext = strtolower(substr(strrchr($file_path,"."),1));
    // check if allowed extension
    if (!array_key_exists($fext, $allowed_ext)) 
    {
      die("Not allowed file type."); 
    }

    // get mime type
    if ($allowed_ext[$fext] == '') 
    {
      $mtype = '';
      // mime type is not set, get from server settings
     if (function_exists('mime_content_type')) 
      {
        $mtype = mime_content_type($file_path);
      }
      else if (function_exists('finfo_file')) 
      {
        $finfo = finfo_open(FILEINFO_MIME); // return mime type
        $mtype = finfo_file($finfo, $file_path);
        finfo_close($finfo);  
      }
      if ($mtype == '') 
      {
        $mtype = "application/force-download";
      }
    }
    else 
    {
      // get mime type defined by admin
      $mtype = $allowed_ext[$fext];
    }
    error_log($mtype); // application/pdf
    // Browser will try to save file with this filename, regardless original filename.
    // You can override it if needed.

    if (!isset($_GET['fc']) || empty($_GET['fc'])) 
    {
      $asfname = $fname;
    }
    else 
    {
      // remove some bad chars
      $asfname = str_replace(array('"',"'",'\\','/'), '', $_GET['fc']);
      if ($asfname === '') $asfname = 'untitled';
    }
    error_log($asfname);//Rainy Day Games Handout
    // set headers
    header("Pragma: public");
    header("Expires: 0");
    header("Cache-Control: must-revalidate, post-check=0, pre-check=0");
    header("Cache-Control: public");
    header("Content-Description: File Transfer");
    header("Content-Type: $mtype");
    header("Content-Disposition: attachment; filename=\"$asfname\"");
    header("Content-Transfer-Encoding: binary");
    header("Content-Length: " . $fsize);
    readfile("$file_path");

0 个答案:

没有答案