Find a way to identify the file to download (for instance, a GET variable that matches the ID of a row in a database, or something along these lines). Make damn sure it’s a valid one, because you don’t want your users to be able to download anything off your site. Then, use header
with Content-Disposition
to tell the browser the file should be downloaded, and readfile
to output it.
For instance:
<?php
$id = intval($_GET['id']);
$query = mysql_query('SELECT file_path FROM files WHERE id = ' . $id);
if (($row = mysql_fetch_row($query)) !== false)
{
header('Content-Disposition: attachment; filename=" . basename($row[0]));
readfile($row[0]);
}
exit;
?>