Skip to main content

This site requires you to update your browser. Your browsing experience maybe affected by not having the most up to date version.

All other Modules

Discuss all other Modules here.

Moderators: martimiz, Sean, biapar, Willr, Ingo, swaiba, simon_w

Secure Files: failed to flush buffer


4 Posts   1309 Views


5 October 2010 at 8:21am (Last edited: 5 October 2010 8:31am), Community Member, 150 Posts


I have setup a secured folder using your Secure Files module. I login with a user with access permissions to this secured folder and try to download an image within this folder. Next, the file is downloaded like thumb1.jpg.html (with html behind it) and when I open that html file I can see the error message below:

[Notice] ob_flush() [ref.outcontrol]: failed to flush buffer. No buffer to flush.

Line 170 in /Sites/


161       header("Content-Length: {$file_size}");
162       header("Pragma: ");
164       if(self::$use_x_sendfile) {
165          session_write_close();
166          header('X-Sendfile: '.$file_path);
167          exit();         
168       } elseif($filePointer = fopen($file_path, 'rb')) {
169          session_write_close();
170          ob_flush();
171          flush();
172          // Push the file while not EOF and connection exists
173          while(!feof($filePointer) && !connection_aborted()) {
174             print(fread($filePointer, 1024 * self::$chuck_size_kb));
175             ob_flush();
176             flush();

I have tested this with the following Secure Files _config.php:

* Secure Files Module Configuration
* @package securefiles
* @author Hamish Campbell <>
* @copyright copyright (c) 2010, Hamish Campbell

Director::addRules(50, array(ASSETS_DIR . '/$Action' => 'SecureFileController'));
// -------------------------------

* Apply optional permission methods here. Include them in the reverse
* order that you would like them to appear in the CMS.

// Assign file security by individual member:
DataObject::add_extension('File', 'SecureFileMemberPermissionDecorator');

// Assign file security by member group:
DataObject::add_extension('File', 'SecureFileGroupPermissionDecorator');

// Create time-limited access tokens:
// DataObject::add_extension('File', 'SecureFileTokenPermissionDecorator');

// -------------------------------
DataObject::add_extension('File', 'SecureFileDecorator');

* For large files or heavily trafficed sites use x-sendfile headers to by-pass
* file handling in PHP. Supported in lighttpd and in Apache with mod_xsendfile
* available at
// SecureFileController::use_x_sendfile_method();

* For testing or debug purposes, you can force this module to use the internal
* Sapphire send file method. Not recommended for production sites.
// SecureFileController::use_ss_sendfile_method();

PS. Am on localhost:8888 using MAMP.


5 October 2010 at 8:30am Community Member, 150 Posts

PS. With use_x_sendfile_method() on, the file is downloaded as a JPG, but with zero Kb size. File can not be opened. This maybe because x-sendfile needs to be installed first...


5 October 2010 at 9:01am Community Member, 712 Posts

Hi there,

That was a known bug in the current tagged versions where certain server configurations would cause errors. It's fixed in the trunk version (should be stable) but you might also be able to fix by disabling gzip for asset folders (not much to be gained by gzipping images/archives anyway).




5 October 2010 at 9:48am (Last edited: 5 October 2010 9:49am), Community Member, 150 Posts

Thanks, Hamish for both answers! You're the best. Final Q: how do I disable gzip for asset folders? Apologies for (maybe) another non-developers question. PS. If you ever need something in the future (testing, NL translations), let me know!