PHP file download method 1. get the file path
GET the file path from $ _ GET ['file ']
$path_parts = pathinfo($_GET['file']);$file_name = $path_parts['basename'];$file_path = '/mysecretpath/' . $file_name;
You must use the above method to obtain the path. you cannot splice strings to obtain the path.
$ Mypath = '/mysecretpath/'. $ _ GET ['file'];
If the input is ../, you can access any path.
2. set header information
Header ('content-Description: File Transfer '); // Description of the returned result header ('content-Type: application/octet-stream'); // Type of the returned Content, here, we only know that it is a binary stream. For specific return types, see http://tool.oschina.net/commonsheader ('content-Disposition: attachment; filename = '. basename ($ file); // enables the browser to pop up the download window header ('content-Transfer-Encoding: binary '); // The Content Encoding method, which is directly binary, do not use gzip to compress the header ('expires: 0'); // Expires header ('cache-Control: must-revalidate'); // Cache policy, which forces the page not to be cached, the role is the same as that of no-cache, but it is stricter. the force means that the header ('pragma: public') is more obvious; header ('content-Length :'. filesize ($ file); // The file size. when the file size exceeds 2 GB, the results returned by filesize () may be incorrect.
3. file_get_contents () method for output files
File_get_contents () reads the file content to the string, that is, to read the file to the memory, and then output the content.
$str = file_get_contents($file);echo $str;
In this way, as long as the file is a little large, it will exceed the memory limit
4. file () method for output files
Similar to file_get_contents (), file () reads the content by row into the array, which also requires memory usage.
$f = file($file);while(list($line, $cnt) = each($f)) { echo $cnt;}
When the file size is large, the memory limit is exceeded.
5. readfile () method for output files
Readfile () method: read a file and write it to the output buffer.
This method can be directly output to the buffer without occupying the memory of the entire file.
To clear the buffer, first let the user see the download file dialog box
While (ob_get_level () ob_end_clean (); // after the header is set, ob_clean (); flush (); // clear the buffer readfile ($ file );
This method can output large files without failure due to memory.
But readfile () also causes PHP memory depletion: http://stackoverflow.com/questions/6627952/why-does-readfile-exhaust-php-memory
PHP has to read the file and it writes to the output buffer. so, for 300 Mb file, no matter what the implementation you wrote (by using small segments, or by 1 big chunk) PHP has to read through 300 Mb of file eventually.
If multiple user has to download the file, there will be a problem. (In one server, hosting providers will limit memory given to each hosting user. with such limited memory, using buffer is not going to be a good idea .)
I think using the direct link to download a file is a much better approach for big files.
PHP requires all files and then outputs them to the buffer. For a MB file, PHP still needs to read MB of memory. Therefore, when multiple users download data at the same time, the buffer also consumes the memory. (Correct the error)
For example, if 100 users are downloading, they need 100 * buffer_size memory.
6. fopen () method for output files
set_time_limit(0);$file = @fopen($file_path,"rb");while(!feof($file)){ print(@fread($file, 1024*8)); ob_flush(); flush();}
Fopen () can be used to read a large file. you can specify to read a part of the content each time. It is also useful when operating large files.
7. Summary
When using PHP to download files, you should pay attention to scenarios. If only a few small files are downloaded, it is better to use PHP to download the files. However, if PHP needs to handle a large number of download requests, the downloaded files should not be handed over to PHP.
For Apache, mod_xsendfile can be used to complete the download task, which is simpler and faster.