拒绝使用php直接下载文件 [英] DENY direct download of file using php

问题描述

我的服务器上的下载目录中有 .doc 和 .zip 文件.谁访问我的网站页面 (download-file.php) 只有那些用户应该能够下载这些文件而其他人不应该.

I have .doc and .zip files in download directory on my server. whoever visit my site page (download-file.php) only those user should be able to download these files and other should not.

我正在努力实现上述目标，但没有运气...

I am trying to achieve above but no luck...

我仍然可以在浏览器中放置直接文件地址(http://example.com/sample.doc)并且我可以下载我不想要的......甚至有人否则在任何网站上提供上述文件的链接，也不应该发生下载.

I am still able to put direct file address (http://example.com/sample.doc) in browser and I am able to download which I don't want..even someone else giving link to above file on any website then also download should not happen.

任何人都可以分享一些想法..我应该如何实现这一点.

Could any one please share some idea..how i should achieve this.

提前致谢.

推荐答案

在文档根目录的 htaccess 文件中，您可以包含以下规则:

In the htaccess file in your document root, you can include these rules:

RewriteEngine On
# you can add whatever extensions you want routed to your php script
RewriteCond %{REQUEST_URI} .(doc|zip|pdf)$ [NC]
RewriteRule ^(.*)$ /download-file.php?filename=$1 [L]

然后在您的 download-file.php 中，您可以显示您需要显示的任何内容和下载链接，您的 php 脚本可以立即使用 php的readfile()(例子见链接)

Then in your download-file.php, you can display whatever you need to display and the download link, which your php script can just immediately serve the file using php's readfile() (see link for examples)

这篇关于拒绝使用php直接下载文件的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！