拒绝使用php直接下载文件 [英] DENY direct download of file using php
问题描述
我的服务器上的下载目录中有 .doc
和 .zip
文件.谁访问我的网站页面 (download-file.php)
只有那些用户应该能够下载这些文件而其他人不应该.
I have .doc
and .zip
files in download directory on my server.
whoever visit my site page (download-file.php)
only those user should be able to download these files and other should not.
我正在努力实现上述目标,但没有运气...
I am trying to achieve above but no luck...
我仍然可以在浏览器中放置直接文件地址(http://example.com/sample.doc
)并且我可以下载我不想要的......甚至有人否则在任何网站上提供上述文件的链接,也不应该发生下载.
I am still able to put direct file address (http://example.com/sample.doc
) in browser and I am able to download which I don't want..even someone else giving link to above file on any website then also download should not happen.
任何人都可以分享一些想法..我应该如何实现这一点.
Could any one please share some idea..how i should achieve this.
提前致谢.
推荐答案
在文档根目录的 htaccess 文件中,您可以包含以下规则:
In the htaccess file in your document root, you can include these rules:
RewriteEngine On
# you can add whatever extensions you want routed to your php script
RewriteCond %{REQUEST_URI} .(doc|zip|pdf)$ [NC]
RewriteRule ^(.*)$ /download-file.php?filename=$1 [L]
然后在您的 download-file.php
中,您可以显示您需要显示的任何内容和下载链接,您的 php 脚本可以立即使用 php的readfile()(例子见链接)
Then in your download-file.php
, you can display whatever you need to display and the download link, which your php script can just immediately serve the file using php's readfile() (see link for examples)
这篇关于拒绝使用php直接下载文件的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!