在网站上显示pdf [英] Display pdf on website
问题描述
我有一个小问题.在我的服务器上,我将几个pdf文件保存在公用文件夹之外.我想在我的网站上显示这些文件.
I've a little problem. On my server i've several pdf files saved outside the public folder. I want to display those files on my website.
我现在使用的显示pdf的代码:
The code to display the pdf I use now:
$pdf = '/var/www/vhosts/domain.com/users/'.$_GET['file'];
header('Content-type: application/pdf');
header('Content-Disposition: inline; filename="'.$pdf.'"');
readfile($pdf);
我现在要做的是通过iFrame显示它们,但是在IE8上,我会收到消息,将文件保存到我的计算机上.在chrome和IE9上没有问题.
What I do now is display them via an iFrame but on IE8 i'll get the message to save the file to my computer. On chrome and IE9 there are no problems.
是否有更好的方法来显示pdf文件?
Is there a better way to display the pdfs?
推荐答案
请查找此问题,用户与您有相同的问题: 在用户浏览器中通过PHP/Perl显示PDF文件
please look up this question, the user had the same question as you: Show a PDF files in users browser via PHP/Perl
我还为您提供了一个安全通知:
I also have a security notice for your:
此:$pdf = '/var/www/vhosts/domain.com/users/'.$_GET['file'];
可能非常危险,想象一下是否有人像这样修改您的url参数:
yoursite.php?file = ../../index.php
THIS: $pdf = '/var/www/vhosts/domain.com/users/'.$_GET['file'];
Can be extremly dangerous, imagine if some one modifies your url parameter like this:
yoursite.php?file=../../index.php
如果您在这里不太注意,人们可以从您的服务器上下载其他文件...因此,请谨慎使用$ _GET ['file']并进行验证.
If you are not very careful here, people can download other files from your server... so please be careful and validate your $_GET['file'] before using it.
致谢
这篇关于在网站上显示pdf的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!