是否有可能免受外界的服务器上的目录/文件,但要访问到PHP? [英] Is it possible to shield a directory/file on a server from the outside world, but make it accessible to PHP?
问题描述
我一直在想:是有可能免受外界的服务器上的目录/文件,但要到PHP
I've been wondering: is it possible to shield a directory/file on a server from the outside world, but make it accessible to PHP?
这是相当简单的。我在某个目录我用PHP的服务器上缓存的网页,但我不想让互联网用户直接查看这些文件或此目录。 PHP中,另一方面,必须能够访问这些文件(对他们投放给用户)。这听起来可能不符合逻辑,但我想要做的就是限制用户的某些网页,仍然能够对它们进行缓存在一个Web服务器精明的格式。
It's fairly simple. I'm caching webpages on my server with PHP in a certain directory, but I do not want web users to view these files or this directory directly. PHP, on the other hand, must be able to access these files (to serve them to the user). That may sound not logical, but what I'm trying to do is restrict users certain pages and still be able to cache them in a webserver-savvy format.
preferably一些与的.htaccess或文件模式。
Preferably something with .htaccess or chmod.
谢谢!
推荐答案
Absolutely--其实,你并不需要使用的.htaccess。简而言之受保护的目录中的文档根目录上面(也就是下一个存储它到你的PHP脚本店,一般的文件夹的htdocs,上传至httpdocs或有时仅仅是WWW)。
Absolutely-- in fact, you don't need to use .htaccess. Simply put the protected directory above your document root (that is, store it next to the folder where your PHP scripts are store, typically "htdocs," "httpdocs" or sometimes just "www').
所以,你的网页文件将是 /我的/文件夹/ httpdocs资料/ ,而你的保护的文件将是 /我的/文件夹/ protected_folder /
So your web files would be in /my/folders/httpdocs/, and your "protected" files would be in /my/folders/protected_folder/
这里的想法是,PHP可以访问服务器上的任意文件夹,但是Apache不会让用户导航上面的根目录。
The idea here is that PHP can access any folder on the server, but Apache won't let the user navigate "above" the root directory.
要访问该目录,你可以使用:
To access the directory, you can use:
$ protected_path = $ _ SERVER ['DOCUMENT_ROOT']'/ .. / protected_folder /';
(顺便说一句,你提到你这样做缓存pages--你可能想看看 Smarty的中, PHP模板引擎,其中pre-编译你的模板,同时还支持真正的智能高速缓存。而事实上,的Smarty的最佳做法之一是配置结构,使模板和缓存文件不在或DOCUMENT_ROOT下方文件夹中,因此用户来自Apache进来永远无法得到他们,但Smarty的PHP code可以轻松抓取无论从那里需要。)
(Incidentally, you mentioned you're doing this to cache pages-- you might want to look at Smarty, the PHP template engine, which pre-compiles your templates and also supports really smart caching. And in fact, one of the Smarty "best practices" is to configure your structure so the template and cache files are not in or below the document_root folder, so users coming in from Apache can never get to them, but the Smarty PHP code can easily grab whatever it needs from there.)
这篇关于是否有可能免受外界的服务器上的目录/文件,但要访问到PHP?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
