隐藏下载URL [英] Hide download URL
问题描述
我试图让用户看不到可下载PDF文档的网址,以便他们无法从其他地方访问它。我需要隐藏网页左下角的网址(鼠标悬停时)以及浏览器地址栏中的网址。我需要它在所有浏览器上工作。
我的HTML看起来像这样:
< a href =http://www.example.com/files/pdf/a34501.pdf>查看PDF< / a>
链接应如下所示:
原因是用户必须提供一个代码才能下载他们的文档,但是如果他们能够看到URL,他们可以轻松下载其他人的文档(他们只需要更改a34501.pdf部分中的一个数字) 。
我读了一些关于使用JavaScript函数来加密URL或使用外部PHP文件的信息。然而,我不知道该怎么做。
谢谢。
if($ validUser )
{
$ path = $ fileName;
$ size = filesize($ path);
$ fp = fopen($ path,rb);
$ content = fread($ fp,$ size);
fclose($ fp);
header(Content-length:。$ size);
header(Content-type:application / octet-stream);
header(Content-disposition:attachment; filename =。$ fileName。;);
echo $ content;
}
exit();
假定您在服务器中有物理文件,但是如果您有它们,可以对其进行修改数据库或任何其他存储介质。当然,您必须先验证用户是否有权下载该文件,但这取决于您。
I'm trying to make the URL of a downloadable PDF document invisible to the user, so that they can't access it from anywhere else. I need to hide the URL from the bottom left of the page (when they mouse over) and the URL from the browser's address bar when they open it. I need it to work on all browsers.
My HTML looks like this:
<a href="http://www.example.com/files/pdf/a34501.pdf">View PDF</a>
And the link should look like this:
The reason is the user must provide a code to be able to download their document, but if they can see the URL they could easily download someone else's documents (They only have to change a digit in the "a34501.pdf" part).
I read something about using a JavaScript function to encrypt the URL, or use an external PHP file. However, I don't know how to do that.
Thanks.
Hiding the url will baffle the least tech savvy users, but not anyone who is willing to download your files and have a very minimal tech knowledge, if you need to hide your files behind a code (or pay wall) you can use a PHP script that authenticates the user and spits out the corresponding file, a small example is like this:
if($validUser)
{
$path = $fileName;
$size = filesize($path);
$fp = fopen($path, "rb");
$content = fread($fp, $size);
fclose($fp);
header("Content-length: ".$size);
header("Content-type: application/octet-stream");
header("Content-disposition: attachment; filename=".$fileName.";" );
echo $content;
}
exit();
This assumes you have the files physically in the server, but you can modify it if you have them in a database or any other storage medium. Of course, you must first validate if the user have the right to download that file but this is up to you.
这篇关于隐藏下载URL的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!