PHP > Open File Instead of Force Download

Question

I am trying to modify a script I purchased to 'OPEN' file in a browser, rather than 'FORCE DOWNLOAD' as it currently does. I pasted the code before.

Here is how it currently works.

1. User purchases Blackberry application
2. Email with Download link is clicked.
3. When the URL is clicked the file 'DOWNLOADS' instead of opening or executing.

I would like to make the URL > OPEN in the user's mobile browser instead of forcing the download. When the user receives the link it looks like this:

http://example.com/delivery/ds-download.php?auth=bKKun8%2BFqpqjo56j1G5SaWNjg3Sgopah2NGf05iXop2k26SRzMlyiXaDiXmWZ2Rwd2aXaaOWamSkpGmqaWqommWUbWaonnVqanVucJWlqKaUnMVznsufk8rPccWll9bGp5Gek9HNlaqklad0zZ6RoaFhxKTPomGXzsSc0HVvzdWV0JWg2NKWmqNuiXm5hWxnnqfGosHUp5%2FDyKWic5rJz5XVl6bIyXJmY2lpbZpnZm5qb5Ccx9SXpMLXmMh1b8nZoMyol6GWZm5mYGhnlmdldGSY2aXL2JdwnZKX066h0NCRx3Q%3D&file=install

Can anyone please help me update this so it OPENS instead of force downloading?

<?php
require_once('ds-config.php');

if (isset($_GET['auth']) === TRUE && isset($_GET['file']) === TRUE) {

    if (($product = is_valid_download_request($_GET['auth'])) !== FALSE) {
        header('Pragma: public');
        header('Expires: 0');
        header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
        header('Cache-Control: private', FALSE);
        header('Content-Type: application/force-download');
        header('Content-Disposition: attachment; filename="' . basename($product[3]) . '"');
        header('Content-Transfer-Encoding: binary');

        if (strcmp(substr($product[3], 0, 7), 'http://') !== 0) {

            header('Content-Length: ' . filesize($product[3]));

        }

        readfile($product[3]);

        exit;
    }
}
?>

---

Here is the PHP file that the download link points to. After following the great feedback below, I now receive this error when the file opens. The good news is that it is not force downloading any more. Thanks for that so far!

<?php

/* SETTINGs */

$url_pcmac = "http://www.example.com";
$url_iphone = "http://itunes.apple.com/us/app/";
$url_otherphones = "http://example.com";

$url_bb_42 = $url_otherphones;
$url_bb_43 = $url_otherphones;
$url_bb_45 = "http://example.mobi/F45/i.jad";
$url_bb_46 = "http://example.mobi/F46/i.jad";
$url_bb_47 = "http://example.mobi/F46/i.jad";
$url_bb_50 = "http://example.mobi/F50/i.jad";
$url_bb_60 = "http://example.mobi/F50/i.jad";


/* ************************************* */
/* DO NOT TOUCH ANYTHING UNDER THIS LINE */
/* ************************************* */
/* *UNLESS YOU KNOW WHAT YOU ARE DOING** */
/* ************************************* */




function checkPhone($str) {
    $check = stripos($_SERVER['HTTP_USER_AGENT'], $str);
    if ($check === false) {
        return false;
    } else {
        return true;
    }
}

/* REDIRECT IPHONE AND IPODS */
if(checkPhone("iPhone") || checkPhone("iPod")){
    header("Location: ".$url_iphone);
    exit();
}

/* REDIRECT BLACKBERRY */
if(checkPhone("BlackBerry")){

    $agent = $_SERVER['HTTP_USER_AGENT'];
    $osdir = ''; 

    if (eregi("BlackBerry", $agent)) {

        if (eregi("6.0", $agent))
             header("Location: ".$url_bb_60);
        if (eregi("5.0", $agent))
             header("Location: ".$url_bb_50);
        if (eregi("4.7", $agent))
             header("Location: ".$url_bb_47);
        if (eregi("4.6", $agent))
             header("Location: ".$url_bb_46);
        if (eregi("4.5", $agent))
             header("Location: ".$url_bb_45);
        if (eregi("4.3", $agent))
             header("Location: ".$url_bb_43);
        if (eregi("4.2", $agent))
             header("Location: ".$url_bb_42);
    }

    exit();
}

/* REDIRECT ALL OTHER PHONES */
$user_agent = $_SERVER['HTTP_USER_AGENT'];
$accept = $_SERVER['HTTP_ACCEPT'];

if(checkPhone("opera mini")
|| checkPhone("android")
|| preg_match('/(pre\/|palm os|palm|hiptop|avantgo|fennec|plucker|xiino|blazer|elaine)/i',$user_agent)
|| preg_match('/(iris|3g_t|windows ce|opera mobi|windows ce; smartphone;|windows ce; iemobile)/i',$user_agent)
|| preg_match('/(mini 9.5|vx1000|lge |m800|e860|u940|ux840|compal|wireless| mobi|ahong|lg380|lgku|lgu900|lg210|lg47|lg920|lg840|lg370|sam-r|mg50|s55|g83|t66|vx400|mk99|d615|d763|el370|sl900|mp500|samu3|samu4|vx10|xda_|samu5|samu6|samu7|samu9|a615|b832|m881|s920|n210|s700|c-810|_h797|mob-x|sk16d|848b|mowser|s580|r800|471x|v120|rim8|c500foma:|160x|x160|480x|x640|t503|w839|i250|sprint|w398samr810|m5252|c7100|mt126|x225|s5330|s820|htil-g1|fly v71|s302|-x113|novarra|k610i|-three|8325rc|8352rc|sanyo|vx54|c888|nx250|n120|mtk |c5588|s710|t880|c5005|i;458x|p404i|s210|c5100|teleca|s940|c500|s590|foma|samsu|vx8|vx9|a1000|_mms|myx|a700|gu1100|bc831|e300|ems100|me701|me702m-three|sd588|s800|8325rc|ac831|mw200|brew |d88|htc\/|htc_touch|355x|m50|km100|d736|p-9521|telco|sl74|ktouch|m4u\/|me702|8325rc|kddi|phone|lg |sonyericsson|samsung|240x|x320vx10|nokia|sony cmd|motorola|up.browser|up.link|mmp|symbian|smartphone|midp|wap|vodafone|o2|pocket|kindle|mobile|psp|treo)/i',$user_agent)
|| isset($_SERVER['HTTP_X_WAP_PROFILE'])
|| isset($_SERVER['HTTP_PROFILE'])
|| (strpos($accept,'text/vnd.wap.wml')>0)
|| (strpos($accept,'application/vnd.wap.xhtml+xml')>0)){
    header("Location: ".$url_otherphones);
    exit();
}

/* REDIRECT TO PC and MAC */
header("Location: ".$url_pcmac);
exit();

?>

Answer 1

The problem comes from the wrong header values; You use:

header('Content-Type: application/force-download');
header('Content-Disposition: attachment; filename="'.basename($product[3]).'"');

This should be replaced with:

header('Content-Type: ' . $mimeType);
header('Content-Disposition: inline; filename="'.basename($product[3]).'"');

where $mimeType should be a valid media type (MIME Type). A list of this types is here available.

Answer 2

It's the Content-Disposition: attachment; thats telling the browser to download it.

Try:

header('Content-Disposition: inline; filename="' . basename($product[3]) . '"');

instead.

Answer 3

You simply need to set the appropriate Content-Type and the browser should handle the rest.

For example, you're currently using...

header('Content-Type: application/force-download');

This needs to be changed to the correct MIME type (possibly "application/vnd.rim.cod", but that's a guess).

N.B.: You'll also need to remove the "Content-Disposition" line.