PHP - 保护数字下载 [英] PHP - Protecting digital Downloads
问题描述
我想让文件可供我的用户下载,但不希望他们能够直接访问下载文件夹。此外,我希望下载链接只能在设定的时间段或单次下载。
可能有一点我的方向正确吗?
最好的方法是将检查后的下载管理委托给mod ap api
x_sendfile
https://tn123.org/mod_xsendfile/
用法:
<?php
...
if($ user-> isLoggedIn())
{
header(X-Sendfile:$ path_to_somefile);
header(Content-Type:application / octet-stream);
header(Content-Disposition:attachment; filename = \$ somefile\);
退出;
}
?>
< h1>权限被拒绝< / h1>
< p>首先登录!< / p>
基本上,当您发送标题X-Sendfile时,mod拦截文件并管理您的下载(该文件可以随时在虚拟主机之外找到。)
否则,您只需实现一个简单的文件download.php即可获取文件的ID并打印内容code> readfile 登录检查后
I'm trying figure out how I can protect digital downloads in PHP. Just need some general directions so I can start my research. I don't seem to be able to find anything useful.
I want to make files available for my users to download but don't want them to be able to directly access a download folder. Also, I want the download link to be available only for set period of time or a single download.
Could some one point me in the right direction?
The best way is to delegate the download managment after your check to the mod for apache
x_sendfile
https://tn123.org/mod_xsendfile/
Usage:
<?php
...
if ($user->isLoggedIn())
{
header("X-Sendfile: $path_to_somefile");
header("Content-Type: application/octet-stream");
header("Content-Disposition: attachment; filename=\"$somefile\"");
exit;
}
?>
<h1>Permission denied</h1>
<p>Login first!</p>
Basically when you send the header X-Sendfile the mod intercepts the file and manages the download for you (the file can be located whenever you want outside the virtualhost).
Otherwise you can just implement a simple file download.php that gets the id of the file and prints the contents with readfile
after the login check
这篇关于PHP - 保护数字下载的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!