DENY使用PHP文件直接下载 [英] DENY direct download of file using php
问题描述
我的.doc和放大器;我的.zip服务器上的下载目录中的文件。 谁访问我的网站页面(下载-为file.php)只有那些用户应该能够下载这些文件和其他不应该的。
i have .doc & .zip files in download directory on my server. whoever visit my site page (download-file.php) only those user should be able to download these files and other should not.
我想实现以上但没有运气...
I am trying to achieve above but no luck...
我仍然能够直接把文件地址(http://example.com/sample.doc)在浏览器中,我能够下载我不want..even别人给的链接上面的文件在任何网站上那么还可以下载不应该发生的。
i am still able to put direct file address (http://example.com/sample.doc) in browser and i am able to download which i dont want..even someone else giving link to above file on any website then also download should not happen.
可以任何一个,请大家分享一些idea..how我应该achive这一点。
could any one please share some idea..how i should achive this.
感谢你在前进。
推荐答案
在你的文档根htaccess文件,您可以包括以下规则:
In the htaccess file in your document root, you can include these rules:
RewriteEngine On
# you can add whatever extensions you want routed to your php script
RewriteCond %{REQUEST_URI} \.(doc|zip|pdf)$ [NC]
RewriteRule ^(.*)$ /download-file.php?filename=$1 [L]
然后在你的下载为file.php ,可以显示任何你需要显示的下载链接,其中使用PHP脚本可以只直接服务于文件< A HREF =http://php.net/manual/en/function.readfile.php> PHP的ReadFile的()(见链接的例子)
Then in your download-file.php, you can display whatever you need to display and the download link, which your php script can just immediately serve the file using php's readfile() (see link for examples)
这篇关于DENY使用PHP文件直接下载的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
