I need to offer downloadable *.tar.gz files on a website. For each file, I pre-generated MD5 checksums (and present them alongside the download links, for checking after the download). However, both the file size and the MD5 checksum change after a file was downloaded.
I use the following PHP headers etc.:
header("Content-Description: File Transfer");
header("Content-Disposition: attachment; filename=\"".basename($filename)."\";");
header("Content-Type: application/octet-stream");
header("Content-Encoding: binary");
header("Content-Length: ".filesize($filepath.$filename));
header("Expires: 0");
header("Cache-Control: must-revalidate, post-check=0, pre-check=0");
header("Cache-Control: private");
header("Pragma: public");
ob_clean();
readfile($filepath.$filename);
When downloading the file directly using curl, I get:
file size: 440875
MD5: f03a0995aec6f2f5f8810b635a6829b8
which is correct!
However, when downloading from the website, I get:
file size: 2488320
MD5: 953db14625c978e387540b6742121309
which is the problem!
What can I do to change this?
