php readfile - 强制下载 [英] Php readfile - Force Download

问题描述

我正在使用 Flash 播放器播放一些 mp3 文件.在 Firefox 中，它会正常加载它们，但在 IE 中则不会.当我转到 .mp3 文件的 url 时，它会显示 mp3 的源代码(而不是提供例如下载).所以我用了一个小脚本来修复它:

I am using a flash player to play some mp3 files. At firefox it loads them normally but at IE it doesn't. When i go to the url of the .mp3 file it shows the source code of the mp3 (instead of offering eg to download). So i used a small script to fix it:

$url = $_GET['url'];
header('Content-type: application/force-download');
header('Content-Transfer-Encoding: Binary');
header("Content-disposition: attachment; filename=demo.mp3");
readfile($url);

我想问你以上是否安全.而且，服务器是否会通过这种方式损失带宽?最后，它会影响服务器的资源吗?谢谢.

I would like to ask you if the above is safe. Moreover, does the server losses bandwidth by this way? And finally, does it influence the server's resources? Thanks.

推荐答案

不，这不安全.如果你在 database.php 中有你的数据库密码并且我输入了 database.php 作为 $_GET['url']，你的脚本会发送我的那个 PHP 文件，里面有你的密码.

No, that's not safe. If you had your database password in database.php and I entered database.php as $_GET['url'], your script would send me that PHP file with your password in it.

是的，这会占用带宽和一些服务器资源.

Yes, this would use up bandwidth and some server resources.

这篇关于php readfile - 强制下载的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！