[Discuss] web file download

[Tom Metro]

Stephen Adler wrote:
> I'm writing a web application which downloads files using PHP.

That's a vague statement, but I gather from the context that you are
generating an HTTP response document, and you want it to trigger the
requesting browser to prompt the user to save a file.


> The most comprehensive set of header commands I've seen to initiate a
> file download is the following...
> 
> header('Content-Description: File Transfer');
> header('Content-Type: application/octet-stream');
> header('Content-Disposition: attachment;filename="'.$Filename.'"');
> header('Content-Transfer-Encoding: binary');
> header('Expires: 0');
> header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
> header('Pragma: public');
> header('Content-Length: '.$FileSize);
> header('X-SendFile: '.$StorageDirectory.'/'.$UUID);
> exit();

Why are you exiting? Per your headers, the content of the file should
follow.

(Those generally look like the correct headers, but I couldn't say if
you missed something without looking it up.)


> I'm wondering about the 'Expires:', 'Cache-Control:', and 'Pragma:'
> headers. What are they needed for and how do they make the transfer
> work better.

These are all attempts to get the browser or a proxy in the middle to
not cache the returned content. (Not everyone adhered to the same
standard, so this sort of multiple header kitchen sink approach is common.)

If the content is actually unchanged (i.e. not dynamically generated),
then you don't need and shouldn't include those headers.

 -Tom

-- 
Tom Metro
Venture Logic, Newton, MA, USA
"Enterprise solutions through open source."
Professional Profile: http://tmetro.venturelogic.com/