限制对附件文件夹的直接文件访问 [英] Restrict direct file access of our attachment folder
问题描述
我们有这个网站,我们还提供签证申请模块.签证申请模块要求用户创建一个帐户.每当用户上载附件时,附件就会保存在附件中的特定文件夹中.此特定文件夹对应于分配给每个用户的唯一生成的号码.
We have this website where we also have a visa application module. The visa application module requires the user to create an account. Whenever the user uploads attachments it is saved in a specific folder inside attachments. This specific folder corresponds to a uniquely generated numbers that is assigned to each user.
现在我需要的是,如果用户不登录,则他们将无法访问附件文件夹中的文件.
Now what I need is if the user is not login they should not be able to access the files inside the attachment folders.
如何使用http处理程序实现该目标?
How can I achieve that using http handler?
我有这个代码
if (HttpContext.Current.Session["UserRegistrationID"] != null)
{
if (HttpContext.Current.Session["UserRegistrationID"].ToString() != "")
{
DownloadFile(context);
}
else
{
context.Response.Write("You don't have the rights to access this file.");
context.Response.Flush();
}
}
else
{
context.Response.Write("You don't have the rights to access this file.");
context.Response.Flush();
}
protected void DownloadFile(HttpContext context)
{
context.Response.ContentType = "image/jpg";
context.Response.WriteFile(context.Request.PhysicalPath);
context.Response.Flush();
}
但是问题是我在Web配置中配置它时遇到问题.
But the problem is I'm having a problem configuring it in web config.
有人知道该怎么做吗?
推荐答案
看看我的答案之一
此规则实际上适用于文件夹,正是您要查找的内容.
This rule is actualy applied to folders, just what are you looking for.
这篇关于限制对附件文件夹的直接文件访问的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!