1. Advertising
    y u no do it?

    Advertising (learn more)

    Advertise virtually anything here, with CPM banner ads, CPM email ads and CPC contextual links. You can target relevant areas of the site and show ads based on geographical location of the user if you wish.

    Starts at just $1 per CPM or $0.10 per CPC.

How To Download PHP files from Server

Discussion in 'Programming' started by bulletx3, Apr 6, 2007.

  1. #1
    I want to download a file and see it's source code but
    its a 302 redirect like this:

    http://www.example1.com/redirect.php

    <?php
    header("Location: http://www.example2.com");

    exit;
    ?>

    i want to download the redirect.php file but when i do it, it downloads the
    the file found in www.example2.com I dont know how a http header
    redirect works, but does anyone know how can i download the actual
    redirect.php file? i tried with a spider simulator to see what's inside the file
    but it does not work, any php file downloader? maybe? any help appriciated.
    bulletx3, Apr 6, 2007 IP
  2. nico_swd

    nico_swd Prominent Member

    Messages:
    4,119
    Likes Received:
    331
    Best Answers:
    17
    Trophy Points:
    325
    #2
    nico_swd, Apr 6, 2007 IP
    Clive and Artisan like this.
  3. bulletx3

    bulletx3 Peon

    Messages:
    30
    Likes Received:
    0
    Best Answers:
    0
    Trophy Points:
    0
    #3
    dont be stupid, a protected php file is way different than a redirect , if you dont know let the pros answer it
    bulletx3, Apr 6, 2007 IP
  4. Clive

    Clive Web Developer

    Messages:
    4,495
    Likes Received:
    295
    Best Answers:
    0
    Trophy Points:
    200
    #4
    You have to trust nico_swd on this.

    For security reasons, Apache prevents PHP files from being downloaded so that their source code is readable, unless there is a server failure while you attempt the download. Normally, you'll only get the HTML output of a PHP file on your local computer as a "gift", not the source code. So if source contains a PHP redirect, you'll just get the output = be redirected. No download possible.
    Clive, Apr 6, 2007 IP
    nico_swd likes this.
  5. nico_swd

    nico_swd Prominent Member

    Messages:
    4,119
    Likes Received:
    331
    Best Answers:
    17
    Trophy Points:
    325
    #5
    Lol, sorry, I apologize 14 times for being stupid and take back everything I said.
    Now it's YOUR turn to find a "pro" to accomplish what you're trying to do. ;) And show me the result.

    Good luck...


    And thanks, Clive. I bet he won't believe you though, lol.
    nico_swd, Apr 6, 2007 IP
  6. LuGeLaS

    LuGeLaS Peon

    Messages:
    242
    Likes Received:
    2
    Best Answers:
    0
    Trophy Points:
    0
    #6
    its imposible now :)
    LuGeLaS, Apr 6, 2007 IP
  7. ccoonen

    ccoonen Active Member

    Messages:
    1,592
    Likes Received:
    71
    Best Answers:
    0
    Trophy Points:
    90
    #7
    LOL, that was a diss. Anyways, it's not impossible to view the source of a 301 redirect... except all yoru going to do is see http headers. Use a packet sniffer to view whatever you want to... but use it only for good (evil packet sniffers not allowed... don't be trying to crack SSL... and if you do please send me the schema)
    ccoonen, Apr 6, 2007 IP
  8. nico_swd

    nico_swd Prominent Member

    Messages:
    4,119
    Likes Received:
    331
    Best Answers:
    17
    Trophy Points:
    325
    #8
    He's asking how to download PHP files and see its source code. THAT is impossible. Getting the headers from a requested page is easy, using get_headers(). But that doesn't seem to be what he wants to do.
    nico_swd, Apr 7, 2007 IP
  9. ammo

    ammo Peon

    Messages:
    2
    Likes Received:
    0
    Best Answers:
    0
    Trophy Points:
    0
    #9
    You cant download a php file because the php engine will be running and showing what its meant to show/doing what its meant to do. So you get the redirected page and not the .php file.
    ammo, Apr 7, 2007 IP
  10. arthur.x

    arthur.x Banned

    Messages:
    568
    Likes Received:
    3
    Best Answers:
    0
    Trophy Points:
    0
    #10
    arthur.x, Jun 27, 2009 IP
  11. chingupt

    chingupt Peon

    Messages:
    1
    Likes Received:
    0
    Best Answers:
    0
    Trophy Points:
    0
    #11
    HI,

    Even if the directory listing is enabled, then also? I understand that if the directory listing is not enabled, then the script will be executed. But what if the directory listing is enabled. Cant i do simply "Save As"...???
    chingupt, Sep 22, 2010 IP
  12. way2tech

    way2tech Member

    Messages:
    246
    Likes Received:
    0
    Best Answers:
    0
    Trophy Points:
    26
    #12
    ya..
    it is possible ..
    right click then select save as then your file is download..
    way2tech, Sep 23, 2010 IP
  13. AstarothSolutions

    AstarothSolutions Peon

    Messages:
    2,682
    Likes Received:
    77
    Best Answers:
    0
    Trophy Points:
    0
    #13
    It will still run the PHP and all you will get is the HTML output, so if the pages only output is a 301 redirect you will simply get headers.

    The only way to get the PHP code itself is via a non-http method of connecting to the server (FTP, telnet, VPN/VPC etc)
    AstarothSolutions, Sep 23, 2010 IP
  14. ProvideVPN

    ProvideVPN Banned

    Messages:
    114
    Likes Received:
    0
    Best Answers:
    0
    Trophy Points:
    0
    #14
    PHP is a server-side programing language , you cannot do this
    ProvideVPN, Sep 25, 2010 IP
  15. ivan.kristianto

    ivan.kristianto Peon

    Messages:
    136
    Likes Received:
    0
    Best Answers:
    0
    Trophy Points:
    0
    #15
    First, PHP is a server-side scripting language.
    When a request to that file comes from port 80 (http request), it will handle from a web server (apache, IIS, nginx, etc...)
    and execute it. The and the result will be return to the client.
    So when you try to download the .php file, it will return you the html file. And in your case it is redirected to another url.
    So the result you got from download the script would be the html from the redirected url.
    It is not possible to download any server-side script from http request.
    one way to download the server-side script is through ftp.
    Or write another script like arthur.x sample, to download a php file. It will send the php file as binary.
    ivan.kristianto, Sep 25, 2010 IP
  16. neil_buzzerchat_staff

    neil_buzzerchat_staff Banned

    Messages:
    505
    Likes Received:
    2
    Best Answers:
    0
    Trophy Points:
    28
    #16
    you will need to upload shell script on the server which is vulnerable.
    neil_buzzerchat_staff, Sep 26, 2010 IP
  17. Socialat

    Socialat Peon

    Messages:
    9
    Likes Received:
    0
    Best Answers:
    0
    Trophy Points:
    0
    #17
    what do you mean by "arthur.x"? can you give some example code?
    Socialat, Oct 24, 2010 IP
  18. Kaizoku

    Kaizoku Well-Known Member

    Messages:
    1,261
    Likes Received:
    20
    Best Answers:
    1
    Trophy Points:
    105
    #18
    You need to find a hole on that server, then find a 777 folder and upload a filemanager or shell script, then just grab the source. simple.

    You can use this website for "educational" purposes http://www.hackthissite.org/
    Kaizoku, Oct 29, 2010 IP
  19. petercpwong

    petercpwong Greenhorn

    Messages:
    50
    Likes Received:
    1
    Best Answers:
    0
    Trophy Points:
    20
    #19
    You can't just download a.php file and view it's source like you do with an HTML file. How is a "protected php file" different than a redirect file? First of all, there really are no "protected php file" and the redirect is a php file (redirect.php).
    petercpwong, Nov 7, 2010 IP
  20. webbmaster

    webbmaster Peon

    Messages:
    491
    Likes Received:
    4
    Best Answers:
    0
    Trophy Points:
    0
    #20
    Other than hacking or web server misconfiguration, it is not possible. php file will be processed by web server to turn into regular HTML file. What the browser gets will be regular HTML code, which is the out put of that pre-process. The source will never be revealed. Just like Perl cgi script. What you get is the output, not the source.
    webbmaster, Nov 7, 2010 IP