I have a website which is a few years old now, it basically offers downloads.
Anyway since moving server people can not download files because its now giving a error 500 error and in the log files it is bringing this error:
malformed header from script. Bad header=1: index.php
The only code which is related to this which I can see anyway is this:
// Echo $productOptionDetails->file;
$file = DOWNLOAD_FOLDER. '/'. $productOptionDetailEntity->file;
if (file_exists($file)) {
header('Content-Description: File Transfer');
header('Content-Type: application/octet-stream');
header('Content-Disposition: attachment; filename='.basename($file));
header('Content-Transfer-Encoding: binary');
header('Expires: 0');
header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
header('Pragma: public');
header('Content-Length: ' . filesize($file) + 1);
ob_clean();
flush();
readfile($file);
exit;
}
Now if I just output:
// Echo $productOptionDetails->file;
$file = DOWNLOAD_FOLDER. '/'. $productOptionDetailEntity->file;
if (file_exists($file)) {
readfile($file);
exit;
}
It outputs lots of encrypted text so its obviously reading something.
What I have read is that the headers are incorrect but after reading loads of content in php.net as well as other websites this looks fine.
Can anyone give a shout on why I am getting these errors?
Thanks
The problem is in
header('Content-Length: ' . filesize($file) + 1);
Dot is evaluated before plus so your code is string + 1, result is 1 and this causes that 1 is sent as header. Correct code should be
header('Content-Length: ' . filesize($file));
because according to this page http://www.php.net/manual/en/function.readfile.php no +1 is used. Other solution is
header('Content-Length: ' . (filesize($file) + 1));
which will work as you want.