-1

I'm working on a project that allow file uploads, the download file then forces the user to download the file.

the problem is, I have been using file_get_contents, which works fine, except for when allow_url_fopen is disabled, which is something I want to provide a workaround for.

in other cases I have had this issue, I've used cURL, which works well, but I'm wondering if it is safe to use it in this manner?

if cURL is a poor use for this, what other method would be a good way of getting a file's data for download?

just to throw this in, I'm using CodeIgniter 2, if that makes a difference.

Thanks

EDIT: to be clear on my problem, the files will always be local and located on the server the php code is on, this script will NEVER download remote data, which is why cURL seemed like bad usage, but file_get_contents is not an option either due to reason explained earlier.

Eman
  • 1,093
  • 2
  • 26
  • 49
  • It sounds like you are working with files that are remote from the server your site is running on, that would be the only real reason to need using cURL or file_get_contents... is that so? – Pebbl Jun 30 '12 at 14:58
  • the file is local and on the server. the file gets uploaded by a user which ends up on the server, then any user can download that file by clicking on a link that process the download (as the filename is encrypted and the download is logged). every example i see says to use file_get_contents, but thats not always an option. to be clear the file being downloaded will always be coming from the same directory on the server, it should NEVER come from a remote source. – Eman Jun 30 '12 at 23:10

1 Answers1

0

I figured it out, I forgot all about fopen and fread.

that solved my problem.

Eman
  • 1,093
  • 2
  • 26
  • 49
  • 1
    Ah.. just spotted your first answer - gd gd... :) yeah that's what I was getting at with my original question. Best to use local file operations if you are local. file_get_contents is nice and easy / handy, but it is limited by fopen_wrappers. Just for future reference there wouldn't have been anything really "insecure" in using cURL to grab the file (because you would have had full control over the request) but it wouldn't have been optimal at all :) – Pebbl Jul 01 '12 at 00:20