First, add a value field to your form fields and change them to an array:
<form action="download.php" method="get">
<input type="checkbox" name="file[0]" value="1" /> File1 <br/>
<input type="checkbox" name="file[1]" value="1" /> File2 <br/>
<input type="checkbox" name="file[2]" value="1" /> File3 <br/>
<input type="checkbox" name="file[3]" value="1" /> File4 <br/>
<input type="checkbox" name="file[4]" value="1" /> File5 <br/>
<input type="submit" name="mysubmit" value="Download!">
</form>
Next, in download.php:
if (!empty($_POST['file'])) {
// open zip
$zip_path = '/path/to/created/download.zip';
$zip = new ZipArchive();
if ($zip->open($zip_path, ZIPARCHIVE::CREATE) !== TRUE) {
die ("An error occurred creating your ZIP file.");
}
// checkbox values dont matter because only checked boxes show up in POST data
foreach ($_POST['file'] as $key => $val) {
// generate filename to add to zip
$filename = '/path/to/php/file' . $key . '.php';
$zip->addFile($filename) or die ("ERROR: Could not add the file $filename");
}
$zip->close();
//===============
// force download
//===============
// assume you have a full path to file stored in $zip_path
if (!is_file($zip_path)) {
die('The file appears to be invalid.');
}
$zip_path = str_replace('\\', '/', realpath($zip_path));
$filesize = filesize($zip_path);
$filename = substr(strrchr('/'.$zip_path, '/'), 1);
$extension = strtolower(substr(strrchr($zip_path, '.'), 1));
// use this unless you want to find the mime type based on extension
$mime = array('application/octet-stream');
header('Content-Type: '.$mime);
header('Content-Disposition: attachment; filename="'.$filename.'"');
header('Content-Transfer-Encoding: binary');
header('Content-Length: '.sprintf('%d', $filesize));
header('Expires: 0');
// check for IE only headers
if (isset($_SERVER['HTTP_USER_AGENT']) && (strpos($_SERVER['HTTP_USER_AGENT'], 'MSIE') !== false))) {
header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
header('Pragma: public');
} else {
header('Pragma: no-cache');
}
$handle = fopen($filepath, 'rb');
fpassthru($handle);
fclose($handle);
} // close $_POST check