How to prevent direct access to my download file using CodeIgniter.
Supposed I stored all of my file in
application/secretdirectory/file1.jpg
application/secretdirectory/file2.text
application/secretdirectory/file3.zip
usually, I create direct link to access these files.
<a href="application/secretdirectory/file3.zip" > download here </a>
I want to prevent it, I want my link will be
<a href="<? echo site_url() . "download/file3.zip" ?>" > download here </a>
can you help me ???
It's probably a good idea to pass it to a controller like this:
Class File extends Controller{
function download($file){
$data = file_get_contents('path/to/' . $file); // Read the file's contents
$name = $file;
force_download($name, $data);
}
}
Your link would be:
<?php echo anchor('file/download/' . $thefile, 'Download');?>
This way they'd never know which directory it came from.
I'm sure there is a library in CI to assist with this
basically you send headers for the correct MIME type, the content length (filesize()) and then output to the browser to download echo file_get_contents() may work)
If using Apache, you'll also want to deny showing directoy content.
<Files .*>
Order Deny,Allow
Deny From All
</Files>
Related
I have a directory called storage inside codeigniter application directory. I want to create direct download to files in this directory. What i currently do is the below function but this isn't direct download.
function download_file($id){
$this->load->helper('download');
$data = file_get_contents(APPPATH . 'storage/videos/'.$id.'.mp4'); // Read the file's contents
force_download($id.'.mp4', $data);
}
Some of these files are gigabytes, how do i generate a direct link to these files?
See the code for creating link for direct download
<a href = "<?= base_url('storage/videos/'.$id.'.mp4') ?>" download ><?= $id.'.mp4' ?></a>
When I use echo base_url() in some portions of the application, it works fine.
My base_url() is http://localhost:8080/appname/
But when I do this <?php echo base_url(); ?>data/profile/avatar-5.png
The url appears like http://localhost:8080/appname/admin/data/profile/avatar-5.png where admin is a folder. I guess its because from where it is called from. But yet the base_url() should actually give the right url. Any ideas?
In order to use base_url(), you must first have the URL Helper loaded. This can be done either in application/config/autoload.php:
$autoload['helper'] = array('url');
Or, manually:
$this->load->helper('url');
Also don't forget to set base_url in application/config/config.php
$config['base_url'] = "http://localhost:8080/appname/';
Then try
<?php echo base_url('data/profile/avatar-5.png'); ?>
If the base path is not working for you, you can try my solution which I usually use
Create an separate path for logo or image
$config['image_path'] = ' http://localhost:8080/appname/admin/data/profile/';
use that in you view controller as
echo $this->config->item('image_path').$imagename;
welcome page only shows. If I create new controller and view means it shows '404 Not found' .
Controller - Create.php
<?php
defined('BASEPATH') OR exit('No direct script access allowed');
class Create extends CI_Controller {
public function index()
{
$this->load->view('create');
}
}
View - create.php
<?php
defined('BASEPATH') OR exit('No direct script access allowed');?>
<!DOCTYPE html>
<html lang="en">
<body>
<h1>Welcome to CodeIgniter!</h1>
</body>
</html>
I have run like this in browser - "http://example.com/Create/". But it shows 404 Not Found. I gave permission to all files also.
Firstly it showing welcome page because default controller is welcome in application\config\routes.php file
$route['default_controller'] = "welcome";
Only default controller can be use without index.php.
so try this for other controllers "http://example.com/index.php/controllerName/functionName"
You can refer to : https://ellislab.com/codeigniter/user-guide/general/urls.html
Do you have these set?
$config['base_url'] = '';
$config['index_page'] = '';
I think it is an upper case issue. Linux is case sensitive.
The fix is that you make sure you capitalize all your controller file names i.e in the controller folder, instead of welcome.php change it to Welcome.php
I hope this helped.
You need to enable mod_rewrite and set the "AllowOverride" option to "All" in your apache2.conf file.
To enable the mod_rewrite you just need to enter to a terminal and type the folllowing command:
a2enmod rewrite (as root user)
To set the AllowOverride All in the apache2.conf file you need to open it and set the AllowOverride option from None to All in the section, like this:
<Directory /var/www/html/>
AllowOverride All
</Directory>
If it doesn't exist then write it.
I was trying to set up a basic log in form with a following code:
<?=form_open(base_url() . 'main/login'); ?>
However after submitting the form the url shows this:
example.com/main/http//example.com/http//example.com/main/login
So I guess in essence for some reason the base-url is printed twice before the controller/method declaration. If I clear the base url value in my config file then the application works normally. I am however curious on what could cause this. For additional information I am working on xampp with a virtualhost and I have mod-rewrite on with a .htaccess file located at the document root.
CodeIgniter automatically adds the base_url to the action of the form when you use the form helper.
For example, you can use:
<?=form_open('main/login'); ?>
which will produce:
http//example.com/main/login
And a correct URL! Pretty simple! :D
More information at:
http://codeigniter.com/user_guide/helpers/form_helper.html
The file config.php under application/config has the setting:
$config['base_url'] = '';
Give it the folder/directory path. For example:
$config['base_url'] = 'http://localhost/ci_test/';
Don't forget to mention the protocol (http://). Alternatively try the site_url() method instead of base_url() for form opening. Skip it if using the form_open() function:
<form action="<?php echo site_url('main/login'); ?>"> ... </form>
Or
<?php form_open('main/login'); ?>
For more help: http://codeigniter.com/user_guide/helpers/url_helper.html
Not sure about the .htaccess file you have used. But this might be the answer codeigniter: why is that when i echo base_url() in an href attribute of an anchor tag, it echoes twice
Try it by parameter:
<?=form_open(base_url('main/login')); ?>
or
<?=form_open site_url('main/login')); ?>
In order to append the prefix also
You can Use
<?php echo form_open(base_url(main/login)); ?>
You have to use "echo" rather than because it not works in some browsers....
I am a codeignite newbie and tried to add an image in my file under view folder.
I add <img src="../images/myImage.jpg"></img> to my service_view.php. All I can see is a broken link of a small icon.
however, if I change my path to
<img src="../../user_guide/images/myImage.jpg"></img>
I can see the image.
My file system is as follow:
application-
view ->folder (where service_view.php is located)
images -> folder (where myImage.jpg is located)
user_guide-
images ->folder ((where myImage.jpg is located))
Can anyone help me about this? Thanks a lot!
I would suggest storing images in an images folder at the same level as the application folder, instead of trying to mix both PHP code and resources underneath application. Then just link to it like you did to the user guide:
<img src="../../images/myImage.jpg" />
I know more than year has passed since the question was asked but for anyone who comes looking in future, Here is my solution....
I've tried this created a folder images at same level as that of application, in main index.php added a line before last require_once statement.
define('IMAGE_PATH', APPPATH.'../images/');
and used IMAGE_PATH anywhere I wanted to display images.
Hope this helps
I just have an image folder,
domain.com/images
then on the views i just use /images
<img src="<?php echo base_url(); ?>images/image.png" />
and put the images folder outside of the application folder in the same directory
Create an images folder at the same level of the applications folder.
With base_url() you can get the location of your site's base (cfr config).
This is useful because unlike site_url(), you can supply a string to a file, such as an image or stylesheet.
For example:
<img src="<?php echo base_url("/images/icons/stackOverflow.png"); ?>" alt="StackOverflow" title="StackOverflow is the best!" />
This would give you something like: ... src="http://example.com/images/icons/stackOverflow.png" ...
Source: http://ellislab.com/codeigniter/user-guide/helpers/url_helper.html
it is better practice to upload the images in a folder that is present in the root or the site folder and use base href in the first line of head tag. then the whole page does not need and http path reference. just use the relative path. as codeigniter run using the index.php file in the root, we should use all the relative path w.r.t that index.php page
on local server try this
<img src="http://localhost/ci/uploads/<?php echo $this->upload->data()['file_name'];?>" width="200px"/>
on live use this
<img src="<?php echo base_url();?>/uploads/<?php echo $this->upload->data()['file_name'];?>" width="200px"/>
put a folder on your root directory such as "assets/images/" and the in your code just use it as
<img src="assets/images/imgname.jpg"></img>
Your file structure should be
-applications
-images
-assets
-Or any folder.
Keep the application folder, images folder, and assets folder inside the basic root folder.
Use when you want to include something from your root folder
FCPATH = C:\xampp\htdocs\your_root_folder\
<img src="<?php echo FCPATH; ?>/images/myImage.jpg" />
<img src="<?php echo base_url('/assests/images/image_name.jpg')?>" alt="">
This is the exact path for codeigniter, don't need write the "../../.." just write the path from assets (folder name)(sibling of application).
base_url gives the path of your project folder, not the path of the view folder inside application folder.