Header Location + Content Disposition

Benno picture Benno · Feb 27, 2012 · Viewed 11.4k times · Source

So I have a downloads page where you click a link, it opens /downloads/download/randomhash

randomhash is found in the db, i increment a download counter, and then redirect to the actual file e.g. /uploads/2012/file.png.

Everything works except for the redirect doing what I'd like it to do. I'm not sure why it's not working...

  header("Location: " . $row->uri);
  header("Content-Disposition: attachment; filename=$row->name");

On the first load of the file, it has the appropriate content-disposition header (in firebug), but it doesn't prompt the file to be downloaded (which it should, right??). Any ideas?

Response Headers:

Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, public
Connection: Keep-Alive
Content-Disposition: attachment; filename=promotion_photo_2.jpg
Content-Encoding: gzip
Content-Length: 20
Content-Type: text/html; charset=utf-8
Date: Mon, 27 Feb 2012 01:01:22 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=5, max=100
Location: /uploads/2012/mediakitD3CF.jpg
Pragma: no-cache
Server: *
Vary: Accept-Encoding
X-Powered-By: *
X-UA-Compatible: IE=Edge,chrome=1

Answer

guido picture guido · Feb 27, 2012

You are setting the Content-Disposition header in the same response which tells the browser where to redirect. My suggestion is to just stream the attachment on the response, with no redirect

header('Content-Disposition: attachment; filename=file-to-be-downloaded.jpg');
header('Content-type: image/jpeg'); // or what is relevant, ie application/octet-stream
$fn=fopen("path-to-file/file-to-be-downloaded.jpg","r");
fpassthru($fn);