I'm currently trying to rig up a system to download something, but the PHP is fighting me.

I have two files http://mibpaste.com/C2HAXp and http://mibpaste.com/Sa8Hkj. The first file is supposed to be inserted at the location of the comment in the second file. However, inserting it always seems to bring up header errors. I'm obviously missing something, but I'm not sure what.

PS: Ignore the inelegant and readable REGEX...

In the second file, you're emitting headers using the PHP header() function. However, in the first file, you're echoing contents via echo, which makes normal HTML page headers get sent, then the content. You have to send all the headers before any content, so you can't have echo before any custom header() lines.

Thanks.

Sure thing; did that fix your issues? I see some other suggestions and optimizations that could be made, as well as several security concerns about which to be aware, if you're interested.

It's still returning errors on the same lines. I'd love to hear about any other issue you see too

http://pastebin.com/E3kTdkzN

There's a single space before your opening <?php tag.

Edit: As far as security goes, notice that I can use it to download any webserver-accessible file you have. All I need is a valid ID, and something like "../../sensitivedocument.txt" as $_GET['download_file']. Never ever ever ever use raw input arguments as paths, etc; always do extensive cleaning for things like ".", "..", and "/", among others. It's better to make your cleaner too restrictive and have to relax it slightly than to miss restrictions.

Okay, I'll try to just hardcode the path into the file and only pass the call.

You can still pass in paths, just make sure you limit what kinds of paths are allowed, for example /^php[A-Za-z0-9]+$/, which is the form of files that are uploaded via PHP.