隐藏下载链接的替代方式 [英] Alternative way to hide download link

问题描述

我正在使用此代码来隐藏下载链接，但为某些用户提供未完成的下载。我不知道为什么，但是太多的用户向我报告了这个问题。
我目前的代码是：

I'm currently using this code to hide download link but its giving uncompleted download for some users. I don't know why, but too many users report this problem to me. My current code is:

file = "../".$realFileName;
$fakeFileName= 'Upbaz.ir-'.base64_decode($_GET['ffname']);
$fp = fopen($file, 'rb');
header("Content-Type: application/octet-stream");
header("Content-Disposition: attachment; filename=$fakeFileName");
header("Content-Length: " . filesize($file));
fpassthru($fp);

任何人都知道其他方式隐藏下载链接？

Anyone know other way to hide download link?

推荐答案

此脚本将处理文件的下载，并包含一个缓冲区/不同的ext类型（如果您愿意）。隐藏链接的一个好方法是将文件放在受保护的目录中，并将链接存储在数据库中。用户看到与文件绑定的ID或会话，服务器查找该文件并提供该文件。

This script will handle the downloading of the file and it includes a buffer/ different ext types (if you desire). A good way to hide links is to put files in a protected directory and have links stored in a database. The user sees an ID or a session tied to a file and the server finds the file and serves it.

if ($fd = fopen ($fullPath, "r")) {
    $fsize = filesize($fullPath);
    $path_parts = pathinfo($fullPath);
    $ext = strtolower($path_parts["extension"]);
    switch ($ext) {
        case "txt":
            header("Content-type: application/txt"); // add here more headers for diff. extensions
            header("Content-Disposition: attachment; filename=\"".$path_parts["basename"]."\""); // use 'attachment' to force a download
            break;
        default:
            header("Content-type: application/octet-stream");
            header("Content-Disposition: attachment; filename=\"".$path_parts["basename"]."\"");
    }
    header("Content-length: $fsize");
    header("Cache-control: private"); //use this to open files directly
    while(!feof($fd)) {
        $buffer = fread($fd, 2048);
        echo $buffer;
    }
}
fclose ($fd);

.htaccess保护目录（您应该只有这些文件的目录

.htaccess to protect directory (you should have a dir for only these files

deny from all

以上脚本修改为您的：

$file = "../".$realFileName;
$fakeFileName= 'Upbaz.ir-'.base64_decode($_GET['ffname']);
if ($fd = fopen ($file, "r")) {
        $fsize = filesize($file);

        header("Content-type: application/octet-stream");
        header("Content-Disposition: attachment; filename=\"$fakename\"");

        header("Content-length: $fsize");
        header("Cache-control: private"); //use this to open files directly
        while(!feof($fd)) {
            $buffer = fread($fd, 2048);
            echo $buffer;
        }
    }
    fclose ($fd);

这篇关于隐藏下载链接的替代方式的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！