Deliver Files With PHP

Deliver Files With PHP

Thomas Weinert

Thomas Weinert, papaya Software GmbH

About me

Application Developer▹ PHP

▹ XSLT/XPath

▹ (some) Javascript papaya CMS

▹ PHP based Content Management System

▹ uses XSLT for Templates


Steps

Block Check

▹ Filename

▹ File Tell

▹ Date

▹ Size

▹ Type

▹ Name

Send▹ At Once

▹ Piece By Piece

▹ Limit Optimize

▹ Traffic

▹ Performance

▹ Flash Problems


Block

Move outside document root

.htaccess▹ Deny From All

Rewrite?


Check Filename

dirname(), basename() preg_match strrpos() + substr()

against database▹ Use hashed random strings for id

▹ Split at chars

▹ virtual directory structure


Check File

file_exists()▹ return true for directories

is_file() is_readable()


Check File Type

getimagesize() (no GD needed) /usr/bin/file ext/fileinfo (PHP 5.3)


Tell Date

Last change

header('Last-modified: '. gmdate('D, d M Y H:i:s', $fileDate.' GMT');

header('Expires: '. gmdate('D, d M Y H:i:s', $expireTime).' GMT');

Valid until


Tell Size

Size▹ Show progress in browser

header('Content-length: '.$fileSize);


Tell Type

File Mime Type

Rewrite Filenames▹ IE check filename

header('Content-type: '.$mimeType);


Force Download

IE and Opera

header('Content-type: application/octetstream');

header('Content-type: application/octet-stream');

Others


Tell Filename

For files in browser or IE

header('Content-disposition: inline; filename="'. $data['file_name'].'"');

header('Content-disposition: attachment; filename="'. $data['file_name'].'"');

For downloads - except IE

Escape “ and \ in filename with \


Send – At Once

fpassthru() readfile()

Pro:▹ Easy

Contra:▹ Less control


Send - Piece By Piece

fread() fseek() echo, print() flush()


Send – Piece By Piece

<?php if ($fh = fopen($localFileName, 'r')) { while (!feof($fh) && connection_status() == 0) { echo fread($fh, $bytesPerStep); flush(); } fclose($fh);}?>


Send – Piece By Piece

<?php if ($fh = fopen($localFileName, 'r')) { //seek file to start position if ($fileOffset > 0) { fseek($fh, $fileOffset); } while (!feof($fh) && connection_status() == 0) { echo fread($fh, $bytesPerStep); flush(); } fclose($fh);}?>


Optimize - Traffic

Range-Header▹ Send:

▪ header('Accept-Ranges: bytes');▹ Receive:

▪ $_SERVER['HTTP_RANGE']▪ bytes=[start1][]-[stop1][,start2][-][stop2][...]:

▹ Send:▪ header('Accept-Ranges: bytes');▪ header('HTTP/1.1 206 Partial Content');▪ header(sprintf('Content-Range: bytes %d-%d/%d', ...);


Send – Bandwidth Limit

Track time and send bytes Sleep some time if sent to fast

▹ usleep(), sleep() Send first bytes without limit

Why? ▹ Video-Streaming

▹ User don't need all data


if ($shapeRequest) { $bytesSend += $bytesPerStep; if ($bytesSend > $shapeLimitStart) { $timeDiff = microtime(TRUE) - $timeStart; $rate = ($bytesSend - $shapeLimitStart) / $timeDiff; if ($rate > $shapeLimitRate) { $sleepFunction($sleepTime); } }}


Optimize - Performance

Close Sessions▹ session_write_close()

X-Sendfile▹ header('X-Sendfile: '.$localFileName);

▹ Header for Lighttpd

▹ Apache Extension


Optimize – Flash I

Byte offset tables in video file▹ ffmpeg ... -g 500 ...

Special player sends GET parameter▹ JW FLV Player

Server checks GET parameter▹ PHP script

▹ Lighttpd module


Optimize – Flash – Meta Data


Optimize – Flash II

Check for GET parameters▹ start, pos, position

Output magic bytes▹ $flashHeader = 'FLV'.pack('CCNN', 1, 5, 9, 0);▹ 01 (version) 05 (audio and video)

00 00 00 09 (header size) 00 00 00 00 (size of previous tag)

Seek file Output file


Problems

will disable flush() / cause buffering▹ ob_start()

▹ session.use_trans_sid

▹ zlib.output_compression

▹ http:/www.php.net/flush (Comments)

Adobe Acrobat Reader in IE has buggy Range headers support


Links

X-Sendfile▹ http://blog.lighttpd.net/articles/2006/07/02/x-

sendfile

▹ http://tn123.ath.cx/mod_xsendfile/

Flash▹ http://www.jeroenwijering.com/

▹ http://ffmpeg.mplayerhq.hu/

▹

http://www.abasketfulofpapayas.de/

Technology

Deliver Files With PHP