I have a form that when you click the "Generate Report" submit button,
it will force download a CSV file, required for this project.
On the very same page you also have a "Search" submit button, when you
press it it should generate search results in a new page.
However, when you click the "Generate Report" submit button, the moment
you try to THEN click the "Search" submit button, the "Search" submit
button NEVER goes to a new page but instead tries to force-download the
very same CSV file, as if the "Search" submit button literally becomes
the "Generate Report" submit button!
Is there a way using PHP and HTTP headers to force BOTH a download AND
a redirect literally at the exact same time? This is the only way I
can think of to stop this from happening, unless the user physically
reloads their page each time, which is not going to be acceptable by
the client.
[PHP]
class ActionPerformer extends DBActionPerform er {
var $id;
function ActionPerformer ($id) {
$this->id = $id;
}
/**
* Generate a report
*
* @access protected
* @see change_first_or der_flag
* @see actual_path
*/
function &report() { // STATIC VOID METHOD
global $scriptPath, $adminReportPat h, $tempAdminRepor tPath;
$orderBy = ' upper(school_ty pe_name) asc, upper(school_na me) asc,
upper(student_l ast_name) asc, upper(student_f irst_name) asc,
upper(student_m i) asc ';
// BOOLEAN TO INDICATE IF A MOVE FROM A TEMP FOLDER TO THE ACTUAL
FOLDER WILL TAKE PLACE, ELSE, WILL REMAIN IN ACTUAL FOLDER
$willMoveReport FromTemp = ($tempAdminRepo rtPath &&
strcmp(trim($ad minReportPath), trim($tempAdmin ReportPath)) != 0);
// CHANGE "asc" TO "desc" AND VICE VERSA
if ($_REQUEST['willDesc']) $orderBy =
change_first_or der_flag($order By);
// SUB OUT ALL CARRIAGE RETURNS AND LINE FEEDS
$orderBy = str_replace("\n ", ' ', str_replace("\r ", ' ',
htmlspecialchar s($orderBy))); // EXTRA PROTECTION
$msg = "php -q \"" .
actual_path("$s criptPath/stored_procedur es/get_student_gro up_resultset.ph p")
.. "\" \"ORDER BY $orderBy\" 'willExcludeCus tomer' '' '' ''
'willGenerateRe port'";
$reportFileName = exec($msg); // ERROR REDIRECTION HANDLED
BY PSEUDO-STORED PROCEDURE
if ($willMoveRepor tFromTemp) { // GENERATE RENAMED PATH +
FILENAME HERE FOR EFFICIENCY
$newReportFileN ame = preg_replace('/(^.*)' . str_replace('/', '\\/',
preg_quote($tem pAdminReportPat h)) . '(.*$)/', '$1' . $adminReportPat h .
'$2', $reportFileName );
} else {
$newReportFileN ame = $reportFileName ;
}
if (preg_match('/(error)|(errcod e:?)/i', $reportFileName )) { //
ERROR ATTEMPTING TO TRY TO USE PSEUDO-STORED PROC TO SPAWN REPORT FILE
$this->isSuccessful = false;
$this->setErrorArray( array('action' => 'Unable to generate report: '
.. nl2br(htmlspeci alchars($report FileName)) . ': please contact
administrator') );
} else {
if ($willMoveRepor tFromTemp &&
@!copy(actual_p ath(realpath($r eportFileName)) ,
actual_path($ne wReportFileName ))) { // COPY FROM TEMP FOLDER IF
REQUIRED
list($copyKomma nd, $copyRedirect) =
@array_values($ this->getKommandOSAr ray('copy'));
$msg = exec("$copyKomm and \"" .
actual_path(rea lpath($reportFi leName)) . '" "' .
actual_path($ne wReportFileName ) . "\" $copyRedirect") ;
if ($msg || !is_file(actual _path($newRepor tFileName))) {
$errorMsg = "Unable to copy report from \"$reportFileNa me\" to
\"$newReportFil eName\"";
if ($msg) $errorMsg .= ': "' . nl2br(htmlspeci alchars($msg)) .
'"'; else echo ": No such file \"$newReportFil eName\"";
$this->isSuccessful = false;
$this->setErrorArray( array('action' => $errorMsg));
}
}
// REAL IMPORTANT!!! CHMOD OR THE WORLD CAN SEE YOUR REPORTS!!!!!!!
if ($this->isSuccessful ) @chmod(0770,
actual_path($ne wReportFileName )); // CHANGE PERMISSIONS (IF IN UNIX)
TO PREVENT WORLD FROM ACCESSING FILE
if ($this->isSuccessful )
ReportGenerator ::generateHTTPH eaders($reportF ileName); // THIS CAUSES
THE FORCED DOWNLOAD
@unlink(actual_ path($newReport FileName)); // FILE HAS BEEN
FORCE-DOWNLOADED AND IS NO LONGER NEEDED ON SERVER
}
}
}
[/PHP]
Thanx
Phil
it will force download a CSV file, required for this project.
On the very same page you also have a "Search" submit button, when you
press it it should generate search results in a new page.
However, when you click the "Generate Report" submit button, the moment
you try to THEN click the "Search" submit button, the "Search" submit
button NEVER goes to a new page but instead tries to force-download the
very same CSV file, as if the "Search" submit button literally becomes
the "Generate Report" submit button!
Is there a way using PHP and HTTP headers to force BOTH a download AND
a redirect literally at the exact same time? This is the only way I
can think of to stop this from happening, unless the user physically
reloads their page each time, which is not going to be acceptable by
the client.
[PHP]
class ActionPerformer extends DBActionPerform er {
var $id;
function ActionPerformer ($id) {
$this->id = $id;
}
/**
* Generate a report
*
* @access protected
* @see change_first_or der_flag
* @see actual_path
*/
function &report() { // STATIC VOID METHOD
global $scriptPath, $adminReportPat h, $tempAdminRepor tPath;
$orderBy = ' upper(school_ty pe_name) asc, upper(school_na me) asc,
upper(student_l ast_name) asc, upper(student_f irst_name) asc,
upper(student_m i) asc ';
// BOOLEAN TO INDICATE IF A MOVE FROM A TEMP FOLDER TO THE ACTUAL
FOLDER WILL TAKE PLACE, ELSE, WILL REMAIN IN ACTUAL FOLDER
$willMoveReport FromTemp = ($tempAdminRepo rtPath &&
strcmp(trim($ad minReportPath), trim($tempAdmin ReportPath)) != 0);
// CHANGE "asc" TO "desc" AND VICE VERSA
if ($_REQUEST['willDesc']) $orderBy =
change_first_or der_flag($order By);
// SUB OUT ALL CARRIAGE RETURNS AND LINE FEEDS
$orderBy = str_replace("\n ", ' ', str_replace("\r ", ' ',
htmlspecialchar s($orderBy))); // EXTRA PROTECTION
$msg = "php -q \"" .
actual_path("$s criptPath/stored_procedur es/get_student_gro up_resultset.ph p")
.. "\" \"ORDER BY $orderBy\" 'willExcludeCus tomer' '' '' ''
'willGenerateRe port'";
$reportFileName = exec($msg); // ERROR REDIRECTION HANDLED
BY PSEUDO-STORED PROCEDURE
if ($willMoveRepor tFromTemp) { // GENERATE RENAMED PATH +
FILENAME HERE FOR EFFICIENCY
$newReportFileN ame = preg_replace('/(^.*)' . str_replace('/', '\\/',
preg_quote($tem pAdminReportPat h)) . '(.*$)/', '$1' . $adminReportPat h .
'$2', $reportFileName );
} else {
$newReportFileN ame = $reportFileName ;
}
if (preg_match('/(error)|(errcod e:?)/i', $reportFileName )) { //
ERROR ATTEMPTING TO TRY TO USE PSEUDO-STORED PROC TO SPAWN REPORT FILE
$this->isSuccessful = false;
$this->setErrorArray( array('action' => 'Unable to generate report: '
.. nl2br(htmlspeci alchars($report FileName)) . ': please contact
administrator') );
} else {
if ($willMoveRepor tFromTemp &&
@!copy(actual_p ath(realpath($r eportFileName)) ,
actual_path($ne wReportFileName ))) { // COPY FROM TEMP FOLDER IF
REQUIRED
list($copyKomma nd, $copyRedirect) =
@array_values($ this->getKommandOSAr ray('copy'));
$msg = exec("$copyKomm and \"" .
actual_path(rea lpath($reportFi leName)) . '" "' .
actual_path($ne wReportFileName ) . "\" $copyRedirect") ;
if ($msg || !is_file(actual _path($newRepor tFileName))) {
$errorMsg = "Unable to copy report from \"$reportFileNa me\" to
\"$newReportFil eName\"";
if ($msg) $errorMsg .= ': "' . nl2br(htmlspeci alchars($msg)) .
'"'; else echo ": No such file \"$newReportFil eName\"";
$this->isSuccessful = false;
$this->setErrorArray( array('action' => $errorMsg));
}
}
// REAL IMPORTANT!!! CHMOD OR THE WORLD CAN SEE YOUR REPORTS!!!!!!!
if ($this->isSuccessful ) @chmod(0770,
actual_path($ne wReportFileName )); // CHANGE PERMISSIONS (IF IN UNIX)
TO PREVENT WORLD FROM ACCESSING FILE
if ($this->isSuccessful )
ReportGenerator ::generateHTTPH eaders($reportF ileName); // THIS CAUSES
THE FORCED DOWNLOAD
@unlink(actual_ path($newReport FileName)); // FILE HAS BEEN
FORCE-DOWNLOADED AND IS NO LONGER NEEDED ON SERVER
}
}
}
[/PHP]
Thanx
Phil