如何阻止直接下载文件 [英] How to block direct download file
问题描述
我的网站包含一些下载内容。我只想访问下载此文件的用户。
My website contains some download content. I want to access download this file only for logged in user.
如果用户在浏览器中输入直接文件url,则如果用户未登录则显示禁止页面。 CMS。
直接文件链接:localhost / files / questions / 20160917070900-w2CdE9LZpE.zip
If user type direct file url in browser it show forbidden page if user not logged in. Am not using any CMS. Direct File Link: localhost/files/questions/20160917070900-w2CdE9LZpE.zip
我在网上搜索,但找不到任何好的答案。请建议我该怎么做。
I searched on net but failed to find any good answer. Please suggest me how can I do it.
推荐答案
放入文件夹成员中创建新的文件夹文件,将所有歌曲移至此处,新建.htaccess文件并添加以下行:
Into folder members create new folder files, move here all your songs, create new .htaccess file and add the following lines:
Order Deny,Allow
Deny from all
进入文件夹成员创建文件get_file.php并添加以下代码:
Into folder members create file get_file.php and add the following code:
if( !empty( $_GET['name'] ) )
{
// check if user is logged
if( is_logged() )
{
$file_name = preg_replace( '#[^-\w]#', '', $_GET['name'] );
$question_file = "{$_SERVER['DOCUMENT_ROOT']}/files/questions/{$file_name}.zip";
if( file_exists( $question_file ) )
{
header( 'Cache-Control: public' );
header( 'Content-Description: File Transfer' );
header( "Content-Disposition: attachment; filename={$question_file}" );
header( 'Content-Type: application/zip' );
header( 'Content-Transfer-Encoding: binary' );
readfile( $question_file );
exit;
}
}
}
die( "ERROR: invalid song or you don't have permissions to download it." );
获取文件的URL:localhost / get_file.php?name = file_name
URL to get the file: localhost/get_file.php?name=file_name
这篇关于如何阻止直接下载文件的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!