I have a PHP website and I want to make sure that only logged in users can access certain data and that users can only access data the have clearance to access. I'm not really sure if this is a PHP or Apache issue. Let's say the folder "Images" exists on the server. If the user is not logged in and the browser requests can image from the folder, would a redirect to another page take care of it or do I need to involve Apache somehow to make sure that the user absolutely can't access the files unless there is a PHP session which identifies the user?
2条回答 默认 最新
dpict99695329 2014-09-27 19:21关注Use php to verify the user and use an .htaccess file to deny any access to that directory which isn't sent from php. However, if you use the .htaccess method, you'll have to get the image with php, it won't be accessible with html or javascript. Put an .htaccess file in the image folder:
deny from allWith that written inside of the .htaccess file.
Then only php can access the files inside of the folder.
本回答被题主选为最佳回答 , 对您是否有帮助呢?解决 无用评论 打赏举报
分享
- 2014-09-27 18:53回答 2 已采纳 Use php to verify the user and use an .htaccess file to deny any access to that directory which i
- 2018-03-09 16:35回答 1 已采纳 You can for sure using different ports: Can a single Apache server handle both Tomcat and PHP? Ho
- 2014-12-30 19:17回答 1 已采纳 I was able to solve this problem by adding DirectorySlash Off to my .htaccess file. Apache auto
- 2021-01-20 15:37如果用的是Apache服务器,还可以通过配置来禁止该目录下的PHP文件的访问,有两种方式: 方式一:.htaccess控制,适用于没有服务器管理权限。 在可写文件夹的目录下,建一个.htaccess文件,内容为: 代码如下:<Files>...
- 2017-09-18 06:26回答 1 已采纳 Okie, so have the repo helped to fix the issue. Issue #1 - www.conf being copied in apache contai
- 2017-06-19 08:57回答 1 已采纳 By design, containers started in detached mode exit when the root process used to run the conta
- 2017-10-29 07:22回答 3 已采纳 I solved this question and created a repo for anyone who is interested a more in depth explanation
- 2021-05-18 09:13摘要:PHP源码,文件管理,目录绑定 Htaccess-Admin PHP子目录绑定管理平台 V3.0,利用他可以将您的多个顶级域名绑定到空间的任意文件夹!支持的Web服务器有Apache、IIS 6、IIS7,而且空间需支持rewrite。 Htaccess-...
- 2018-07-24 15:38回答 1 已采纳 The solution to the problem is: sudo chcon -R -v -t httpd_sys_rw_content_t info.php How @Lou sa
- 2018-03-07 08:43回答 1 已采纳 At last reached the answer myself! I had to modify the SELinux configuration with chon command and
- 2018-08-20 15:48回答 3 已采纳 From everything I read here, including your comments it seems your "production" server is behind a
- 2022-07-28 17:59王一1995的博客 例如把自己的产品卖给用户,用户去修改自己的配置文件的时候,去修改了别人的配置文件,导致别人的配置文件无法使用,所以apache把一部分配置文件让用户去完成。既匹配Deny语句又匹配Allow语句,由于allow语句覆盖了...
- 2018-10-17 22:42回答 1 已采纳 The solution setsebool -P httpd_can_network_connect=1 setsebool -P httpd_can_network_connect_db=1
- 2021-06-21 01:22为了保证系统的安全性,系统根目录移至public目录下,把程序和逻辑代码放到根目录以外。在配置网站时,把网站根目录指向web目录下,然后通过composer把所需的扩展类库更新,包括thinkphp框架同样通过composer进行...
- 2021-04-30 05:56冯丹彤的博客 linux系统装了lamp运行网站时,发现www.xxx.com/index.php里调用include()里不能引用根目录上一级的php文件,只能引用根目录里的php文件。原本在window系统是正常运行的,转到linux反而出现这样的问题了,这是linux...
- 没有解决我的问题, 去提问
悬赏问题
- ¥15 微信会员卡接入微信支付商户号收款
- ¥15 如何获取烟草零售终端数据
- ¥15 数学建模招标中位数问题
- ¥15 phython路径名过长报错 不知道什么问题
- ¥15 深度学习中模型转换该怎么实现
- ¥15 HLs设计手写数字识别程序编译通不过
- ¥15 Stata外部命令安装问题求帮助!
- ¥15 从键盘随机输入A-H中的一串字符串,用七段数码管方法进行绘制。提交代码及运行截图。
- ¥15 TYPCE母转母,插入认方向
- ¥15 如何用python向钉钉机器人发送可以放大的图片?