安全地提供文件 [英] Securely serving files
问题描述
嘿所有,
我网站上的人注册,允许访问某些下载。
我将这些文件存储在文档根目录下,以便他们不能通过Apache访问
(仅限PHP)。我写了一个文件服务脚本,
为下载转储正确的标题并调用readfile()。
我以为一切都在游泳,直到我意识到我的
webhost已打开安全模式,脚本执行时间为
限制为30秒。如果您的文件需要比下载更长的时间,那么
那么太糟糕:)。
那么我该怎么做呢?我服务的文件不大于
大约2兆字节。
似乎有一个选项是制作我想要的文件的副本
发布,但低于文档根目录,以便从
浏览器中获取。我会给文件一个随机生成的名字,这个名字不仅仅是猜测,而只是写一个常规的浏览器链接。有没有人
试过这个,这对你有用吗?你是怎么回事
在客户下载文件后清理文件的?有没有更好的选择?
干杯,
Nicholas Sherlock
Nicholas Sherlock写道:嘿所有,
我网站上的人注册后可以访问某些下载。
我将这些文件存储在文档根目录之上,以便Apache无法访问它们(仅限PHP)。我写了一个文件服务脚本,它为下载转储正确的标题并调用readfile()。
我认为一切都在游泳,直到我意识到我的
webhost有安全模式打开,脚本执行时间限制为30秒。如果你的文件需要比下载更长的时间,那么太糟糕了:)。
那我怎么能这样做呢?我服务的文件大小不超过大约2兆字节。
似乎有一个选项是制作我想要服务的文件的副本,但是在文档根目录下方,以便可以从
浏览器中获取。我会给文件一个随机生成的名字,这个名字不会被猜到,只是写一个常规的浏览器链接。有没有人试过这个,并为你做好了吗?在客户下载文件后,您是如何进行清理文件的?有更好的选择吗?
欢呼,
Nicholas Sherlock
为什么不只是包含()文件?
-
==================
删除x表示x。来自我的电子邮件地址
Jerry Stuckle
JDS计算机培训公司
js ******* @ attglobal.net
==================
是的,实际上我之前已经这样做了。它工作得很好,至于清理
文件后你可以使用crontab。假设你使用的是
Linux。 Windows可能有类似的东西。
Nicholas Sherlock写道:嘿所有,
我网站上的人注册允许访问某些下载。
我将这些文件存储在文档根目录之上,以便Apache无法访问它们(仅限PHP)。我写了一个文件服务脚本,它为下载转储正确的标题并调用readfile()。
我认为一切都在游泳,直到我意识到我的
webhost有安全模式打开,脚本执行时间限制为30秒。如果你的文件需要比下载更长的时间,那么太糟糕了:)。
那我怎么能这样做呢?我服务的文件大小不超过大约2兆字节。
似乎有一个选项是制作我想要服务的文件的副本,但是在文档根目录下方,以便可以从
浏览器中获取。我会给文件一个随机生成的名字,这个名字不会被猜到,只是写一个常规的浏览器链接。有没有人试过这个,并为你做好了吗?在客户下载文件后,您是如何进行清理文件的?有更好的选择吗?
干杯,
Nicholas Sherlock
On 2006-02-11,Jerry Stuckle< js ******* @ attglobal.net>写道:
为什么不只是包含()文件?
不建议二进制文件 - 他们可能有< ?在某个地方...
-
再见。
Jasen
Hey all,
People on my website register to be allowed access to certain downloads.
I store these files above the document root so that they can''t be
accessed by Apache (Only from PHP). I wrote a file serving script which
dumps the correct headers for the download and calls readfile().
I thought everything was going swimmingly until I realized that my
webhost has Safe Mode turned on, and the script execution time is
limited to 30 seconds. If your file takes longer than that to download,
then too bad :).
So how can I do this? The files that I am serving are no larger than
about 2 megabytes.
It seems that one option would be to make a copy of the file I want to
serve, but below the document root so that it is available from the
browser. I''d give the file a randomly generated name that couldn''t just
be guessed, and just write a regular link to the browser. Has anyone
tried this, and did it work out okay for you? How did you go about
cleaning up files after the client has downloaded them? Is there a
better option?
Cheers,
Nicholas Sherlock
Nicholas Sherlock wrote:Hey all,
People on my website register to be allowed access to certain downloads.
I store these files above the document root so that they can''t be
accessed by Apache (Only from PHP). I wrote a file serving script which
dumps the correct headers for the download and calls readfile().
I thought everything was going swimmingly until I realized that my
webhost has Safe Mode turned on, and the script execution time is
limited to 30 seconds. If your file takes longer than that to download,
then too bad :).
So how can I do this? The files that I am serving are no larger than
about 2 megabytes.
It seems that one option would be to make a copy of the file I want to
serve, but below the document root so that it is available from the
browser. I''d give the file a randomly generated name that couldn''t just
be guessed, and just write a regular link to the browser. Has anyone
tried this, and did it work out okay for you? How did you go about
cleaning up files after the client has downloaded them? Is there a
better option?
Cheers,
Nicholas Sherlock
Why not just include() the file?
--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
js*******@attglobal.net
==================
Yes actually I''ve done that before. It works just fine, as for cleaning
the files up afterward you could just use crontab. Assuming your using
Linux. Windows probably has something similar.
Nicholas Sherlock wrote:Hey all,
People on my website register to be allowed access to certain downloads.
I store these files above the document root so that they can''t be
accessed by Apache (Only from PHP). I wrote a file serving script which
dumps the correct headers for the download and calls readfile().
I thought everything was going swimmingly until I realized that my
webhost has Safe Mode turned on, and the script execution time is
limited to 30 seconds. If your file takes longer than that to download,
then too bad :).
So how can I do this? The files that I am serving are no larger than
about 2 megabytes.
It seems that one option would be to make a copy of the file I want to
serve, but below the document root so that it is available from the
browser. I''d give the file a randomly generated name that couldn''t just
be guessed, and just write a regular link to the browser. Has anyone
tried this, and did it work out okay for you? How did you go about
cleaning up files after the client has downloaded them? Is there a
better option?
Cheers,
Nicholas Sherlock
On 2006-02-11, Jerry Stuckle <js*******@attglobal.net> wrote:
Why not just include() the file?
not reccomended for binary files - they might have <? in them somewhere...
--
Bye.
Jasen
这篇关于安全地提供文件的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
