/    Sign up×
Community /Pin to ProfileBookmark

Download from cgi-bin

Copy linkTweet thisAlerts:
Feb 17.2006

I have a script that allows a user to enter a password. After I verify the password is OK, I give them a button that they can click to download a file. The file is located in my cgi-bin. I guess that cannot be done because when I put it in the root directory, I have no problems. How do I protect the file if I cannot put it in the cgi-bin directory? Any help is appreciated!
Thanks,
-tdavis

to post a comment

10 Comments(s)

Copy linkTweet thisAlerts:
@NedalsFeb 18.2006 — Put the file in a web-inaccessible directory. Then use a password protected .cgi script to print the file with the appropriate headers, depending on the file type.
Copy linkTweet thisAlerts:
@tdavisauthorFeb 18.2006 — I think that is exactly what I did. I have a Perl script that points directly to a zip file. I am not sure what you mean by the headers. How can I do that with a .zip file?
Copy linkTweet thisAlerts:
@NedalsFeb 18.2006 — When you return an HTML page, you need to preceed the page with a HTTP header.

eg: print "Content-Type: text/htmlnn";

When you want the user to download a file, you want the 'save-as' popup box to appear (instead of printing the page to the screen). So you use something like...

print "Content-Type: application/zipn";

print "Content-Disposition: attachment; filename=$filename.zipnn";

My memory is shot, and I don't have my books at home, so I'm not sure if that is absolutely correct... something similar anyway.

[b]UPDATE:[/b]

Opps! I think I answered a question that wasn't there. ?

You said you put the file in the .cgi-bin. Take it out of there and put it in some other non-accessible directory. And in you script, make sure you use the FULL path to the file. ( /usr/local/..... or whatever)
Copy linkTweet thisAlerts:
@tdavisauthorFeb 18.2006 — That almost worked! I have been trying every combination I could think of. That opens the download dialogue, but the file that gets downloaded is empty. Here is the code to download the zip file. This code is the href (pointed to) from another cgi that has the download button. What am I missing?

[COLOR=Indigo]#!/usr/local/bin/perl

$filename = "cpyftpf.zip";

print "Content-Type: application/zipn";

print "Content-Disposition: attachment; filename=$filenamenn";

[/COLOR]

Thanks for your help!

-tdavis
Copy linkTweet thisAlerts:
@tdavisauthorFeb 18.2006 — I missed your update.

I will try that.
Copy linkTweet thisAlerts:
@tdavisauthorFeb 18.2006 — Still no luck. Here is the code:

#!/usr/local/bin/perl

$filename = "/opt2/tdavisco/httpd/download/cpyftpf.zip";

print "Content-Type: application/zipn";

print "Content-Disposition: attachment; filename=$filenamenn";

I am feeling really stupid...
Copy linkTweet thisAlerts:
@NedalsFeb 18.2006 — 
$filename = "cpyftpf.zip";

print "Content-Type: application/zipn";

print "Content-Disposition: attachment; filename=$filenamenn";[/quote]Filename here is ONLY a name. It is not the content.

I am feeling really stupid...[/QUOTE]Not so stupid ?

You got me thinking....

I'm pretty sure you cannot simply name a file and download it... ponders!!

You are going to have to print it line-by-line.

<i>
</i>my $name = "cpyftpf.zip"; // name the user sees - can be any name
print "Content-Type: application/zipn";
print "Content-Disposition: attachment; filename=$namenn";

my $filename = "/opt2/tdavisco/httpd/download/cpyftpf.zip";
open(FIL,"&lt;$filename") || die "Cannot open $filename, $!";
while (&lt;FIL&gt;) { print $_; }
close(FIL);
Copy linkTweet thisAlerts:
@tdavisauthorFeb 18.2006 — That seems to work! I will have to make sure the zip file is all there. It is the correct size anyway. It is not really a PKZIP file (is that still the correct terminolgy?). I have to upload it to my AS400 and make sure it has all my objects. I'll let you know, but thanks a million! I would never have gotten that.
Copy linkTweet thisAlerts:
@tdavisauthorFeb 18.2006 — 100%

Thanks again!!!
Copy linkTweet thisAlerts:
@callsaurabhJul 03.2019 — I am trying to download csv file from server.File is getting downloaded however it is empty.Any suggestions are highly welcome.Filename is Maintenance_File.csv which is present in /home/netcool location.

#!/usr/bin/perl

use CGI ':standard';

use CGI::Carp qw(fatalsToBrowser);

my $files_location;

my $ID;

my @fileholder;

$files_location = "/home/netcool";

#$ID = param('file');

$ID = "Maintenance_File.csv";

#print "Content-type: text/htmlnn";

#print "ID =$ID";

if ($ID eq '') {

print "You must specify a file to download.";

} else {

$fileloc="/home/netcool/" . $ID;

open(DLFILE, "$fileloc") || Error('open', 'file');

@fileholder = <DLFILE>;

close (DLFILE) || Error ('close', 'file');

#print "Files data = @fileholder";

print "Content-Type:application/octet-stream;n";

print "Content-Disposition:attachment;filename="$ID"rnn";

print @fileholder

#open(DLFILE, "< $fileloc") || Error('open', 'file');

#while(read(DLFILE, $buffer, 100) ) {

# print("$buffer");


#}

#close (DLFILE) || Error ('close', 'file');

}
×

Success!

Help @tdavis spread the word by sharing this article on Twitter...

Tweet This
Sign in
Forgot password?
Sign in with TwitchSign in with GithubCreate Account
about: ({
version: 0.1.9 BETA 4.25,
whats_new: community page,
up_next: more Davinci•003 tasks,
coming_soon: events calendar,
social: @webDeveloperHQ
});

legal: ({
terms: of use,
privacy: policy
});
changelog: (
version: 0.1.9,
notes: added community page

version: 0.1.8,
notes: added Davinci•003

version: 0.1.7,
notes: upvote answers to bounties

version: 0.1.6,
notes: article editor refresh
)...
recent_tips: (
tipper: @Yussuf4331,
tipped: article
amount: 1000 SATS,

tipper: @darkwebsites540,
tipped: article
amount: 10 SATS,

tipper: @Samric24,
tipped: article
amount: 1000 SATS,
)...