I have the following code:
<?php
if($_SERVER['REQUEST_METHOD'] == 'POST') {
$filename = date('Y.m.d-H.i.s').'.dat';
file_put_contents($filename, $filename);
header('Content-Description: The output file.');
header('Content-type: application/dat');
header('Content-Disposition: attachment; filename="' . basename($filename) . '"');
header('Content-Transfer-Encoding: binary');
readfile($filename);
}
?>
<html><body>
<form method="post"><input type="submit"></form>
</body></html>
The code is fine, but when my download manager (IDM) captures the download, the file gets generated twice (and sometimes three times) while the user have clicked the submit button once, which is undesirable! It's probably because the IDM re-sends the POST data, I think; but how do I detect and prevent such a case?
You could insert a hidden input field with a token and check for this. If it does not exist, then the download manager tried to get the file and not the user. Just as an idea.
Another thing would be to check for the user agent and use it as the token. I guess your download manager does not have the same user agent. But this would be Javascript then, because on click I would remove the token. (do not try to check all possible user agents, filter out the download manager)
Or you could check whether the request from the same IP of the user comes within a short time e.g. one second. Then just deliver nothing on the following requests. Maybe release the check after 5 seconds...