Direct to Download Images and PDFs

Posted by Terri Ann
November 16, 2007

At work one day we were discussing how one of our clients wanted people to be able to download images.

We set up the page where the thumbnails linked to the full size image.
That wasn't good enough.
Even with text that says: "Right click to save" or "'File>Save As' to save"
Still not good enough.

So I said to myself, Kyle...that's what I call myself.

Moving on. I knew that there was a PHP header that could be sent to force a PDF to download instead of opening so I hunted it down and sent it over to the developer on the project and suggested she try it with images and see how that worked.

Next thing I know she was sending me a Skype that it had worked, and that I was a genius. Far to brilliant to be this pretty. Some of that might be an over-exaggeration if not a blatant lie.

So I dug up the PHP to load a PDF for direct download

PHP

<?php
    header('Content-Type:application/pdf');
    header('Content-Disposition:attachment;filename=download_pdf.pdf');
    readfile('original.pdf');
?>

And then modified it to do it with an image

PHP

<?php
    header('Content-Type:image/jpeg');
    header('Content-Disposition:attachment;filename=download_image.jpg');
    readfile('original.jpg');
?>

Pretty neat. checkout the demo.

This is also a great way to find the actual source of a file. If a user signs up through a form and after the form has processed and saved the data to the database this script target to a new window could call a file and the user would never know where the source came from.

Also great for allowing a logged in user to download files that are only accessible by themselves so they can't send the link inadvertently to another person.
(See below for further clarification)

Reference

Update 11/18/2007 @ 6pm

In response to Sean's comment (which he further clarified) as:

How ever i don't think that the mention of a security solution is apt because it's trivial to look at what URL is being downloaded with no external applications.

I meant more of a solution for a web application where a user has to login in order to download documents. As long as the downloader script is checking for that session (or cookie) and redirects to the login screen if the user isn't logged in. That's when the ability to use the script and hide the source PDF (or any other file for that matter) for simple security solution would come into play.

9 people have bookmarked this page on Del.icio.us! See what they have to say.

Subscribe to the Ninedays Blog feed to keep up to date with
the newest discoveries, stories and shared tips!Come on, all the cool kids are doing it ;)

Information and Links

Join the fray by commenting, tracking what others have to say, or linking to it from your blog.

Information: 1 year ago; 3 Responses

Feeds and Links: Comment Feed; More by Terri Ann
Social Bookmarking: Del.icio.us; Digg; Technorati; StumbleUpon; Twitter

Categories and Tags: Code; Feature; Work; demo, download, image, pdf, PHP

55 billion subscribers & counting!
Subscribe to the Ninedays Blog feed! * Number most likely exagerated for effect.

Similar Entries

Next Post: Blackout Racing Car Shoot
Previous Post: Reusable Shopping Bags

Reader Comments

Gravatar:
Written by:: sean
Posted:: 1 year ago

it's trivial to look at the download location from the download manager in firefox...

Gravatar:
Written by:: Terri Ann
Posted:: 1 year ago

@sean I'm not sure I follow you. This has nothing to do with managing the client side of the download it has to do with how the server-side presents the files.

I wish you'd provided more detail in your response!

EDIT

Clarification and my response here

Gravatar:
Written by:: russell
Posted:: 2 months ago

you ARE brilliant. works for mp3s (audio/mpeg3) also (and probably every other MIME type).....

thanks - been looking for this for a while.

Ninedays Blog