How can the readfile function be used to offer files for download without revealing direct links?

When offering files for download, it is important to not reveal direct links to the files as it can lead to security risks such as unauthorized access or hotlinking. One way to solve this issue is by using PHP to create a script that reads the file from the server and serves it to the user without exposing the direct link.

&lt;?php
$file = &#039;path/to/file.txt&#039;;
header(&#039;Content-Description: File Transfer&#039;);
header(&#039;Content-Type: application/octet-stream&#039;);
header(&#039;Content-Disposition: attachment; filename=&quot;&#039;.basename($file).&#039;&quot;&#039;);
header(&#039;Expires: 0&#039;);
header(&#039;Cache-Control: must-revalidate&#039;);
header(&#039;Pragma: public&#039;);
header(&#039;Content-Length: &#039; . filesize($file));
readfile($file);
exit;
?&gt;

Keywords

readfile file download direct links PHP security

How can the readfile function be used to offer files for download without revealing direct links?

Keywords

Related Questions