We'll read the post and answer if we have the time/answer, and understand the question, so there's no need to make silly accented titles... ___###LOOK AT ME###___ is just annoying.
And.... now... to stop being distracted by the title.... I'll look at the question.
First, get over the idea of hiding URLs, protecting files, disabling right click. It's all silly.
However, let's assume you've got a reason because this specifically has a solution, though you should be very clear that there is no real way to stop this, and this solution is flawed, overall, but it will 'help', I guess.
You can't send two pages in one page. That's just... weird.
The idea of include and require is logical, but won't work. When doing so, it just, basically, inserts the code of that page into your page, so include('a.php'), where a.php is "<? php echo "hello"; ?>" is just like using 'echo "hello";' in your original code. So... roundabout, but not enough 
And, I think, even if you did this (which might be possible routing through a second server as a buffer, but I'd have to play with it to see), then you would still be sending a second (probably ignored) header, which will do nothing at best, or likely cause problems.
So... you need to send two pages... basically.
Two options:
1. meta tag
2. iframe
1. with the meta refresh tag, you can do this quite easily.
<meta http-equiv="refresh" content="0;url=http...file.zip">
Change the url to the file; use absolute URLs, not relative filenames, to keep to standards, though that can work too.
The 0 means how many seconds, so this, as in your case, will work best... or you could wait a bit.
Depending on the browser, then, it *should* probably just open with a save as dialogue or just save to the default location and not navigate to a new page, but some browsers like to go to a white page, at least in some cases.
2. iframe... simply output an iframe tag (or if you really wanted, a frameset), then have that iframe have the url of the file to be downloaded. set the width/height to... well... 0, I guess.
Either way, and for that matter, any way, you can't hide the url from the source code, though it won't be entirely apparent to the user.
If you wanted to create a link that could not be reaccessed, then there's a sorta complex way you could do that with PHP.
Output the file with PHP, not a direct link to the real file. Place the file (which can still be accessed by PHP) in a folder that does not allow direct http connections... basically password protected, or better yet, outside of the public_html folder, so it's just not accessible.
Then on the page that is generating the meta tag (this is the method I would recommend), then forward to a php url containing a randomized key.... or... actually, not so random.
Assuming this is immediate, you could use the combination of a password and the current time, combined with md5():
$key = md5(time().'mypass');
Then use that on the next page, which is reached via, ex: page.php?key=2923af90b19c0e4d0e
On that next page, assume that it must be recieved within a time limit, of say 10 seconds (just the request, not the loading), so....
PHP Code:
$key = $_GET['key'];
if ($key = md5(time().'mypass') || $key = md5(time()-1.'mypass') || ... || $key = md5(time()-10.'mypass') {
output_your_file();
}
else {
echo "You must access this download page after gaining access to the file.";
}
PHP download script
Reply With Quote
Bookmarks