I am making a PHP script that will download a file given a name and a version. The files will be stored on the server like this:

/dl/Project1/1.0.txt
/dl/Project1/1.1.txt
/dl/Project2/2.3.jar
/dl/Project2/2.3.1.jar

And the paths to retrieve such files would look like this:

download.php?name=Project1&type=txt&version=1.0
download.php?name=Project1&type=txt&version=1.1
download.php?name=Project2&type=jar&version=2.3
download.php?name=Project2&type=jar&version=2.3.1

The issue arises when actually downloading the files. In this example, I want the first two files to both download as Project1.txt, and I want the last two to download as Project2.jar. How can I rename these temporarily to allow this to work?

Send out a header defining the file's name.

$filename = $name . "." . $type;
header('Content-Description: File Transfer');
header('Content-Type: application/octet-stream');
header('Content-Disposition: attachment; filename=' . $filename);
header('Content-Transfer-Encoding: binary');
header('Expires: 0');
header('Cache-Control: must-revalidate');
header('Pragma: public');
header('Content-Length: ' . filesize($file));

I've included additional headers, since you should send out these as well. This is just a modified example of what you can see in the PHP documentation on readfile.

You don't need to rename it, you just need to change the name in the header, there is the script:

<?php
// Check is set all params
if (isset($_GET['name'], $_GET['type'], $_GET['version'])) {
  // Get the params into variables.

  // Secure replace to avoid the user downloading anyfile like @Kristian Antonsen said.
  // Replace all '..' to a single '.';
  $name = preg_replace('/[\.]{2,}/', '.', trim($_GET['name']));
  // Replace any strange characters.
  $type = preg_replace('/[^A-Za-z0-9]/', '', trim($_GET['type']));
  // Replace any letter and strange character.
  $version = preg_replace('/[^0-9\.]/', '', trim($_GET['version']));

  /**
   * Check is all the params filled with text
   *   and check if the version is in the right format.
   */
  if (!empty($name) &&
      !empty($type) &&
      !empty($version) &&
      preg_match('/^[0-9](\.[0-9])+$', $version)) {
    /**
     * Get the file path, here we use 'dirname' to get the absolute path
     *   if the download.php is on root
     */
    $filePath = dirname(__FILE__) . '/dl/' . $name . '/' . $version . '.' . $type;

    // Check if the file exist.
    if (file_exists($filePath)) {
      // Add headers
      header('Cache-Control: public');
      header('Content-Description: File Transfer');
      header('Content-Disposition: attachment; filename=' . $name . '.' . $type);
      header('Content-Length: ' . filesize($filePath));
      // Read file
      readfile($filePath);
    } else {
      die('File does not exist');
    }
  } else {
    die('Missing params');
  }
}

You probably want to simply use the content-disposition header:

header('Content-disposition: attachment; filename=Project1.txt');
readfile('Project1/1.0.txt');