By default, symfony uploades file to web/upload folder, so they are accessible for anyone. I need to check user credentials on every request to a file. How should I do this?
1条回答 默认 最新
- douyin8623 2010-11-18 19:20关注
Move your uploads outside of your webroot, like in /data/uploads. In that case, you'll need to put this in your ProjectConfiguration file:
sfConfig::set('sf_upload_dir' => sfConfig::get("sf_data_dir") . DIRECTORY_SEPARATOR . 'uploads');
Provided that you always used sf_upload_dir to specify the uploads folder, all your files will get saved there.
The second part of the solution needs a new action, that gets a filename, checks if the user has access to it, and returns:
- either a 403 error
- or the file contents via
readfile()
, after setting the correct Content-Type and Content-Lenght headers.
解决 无用评论 打赏 举报
悬赏问题
- ¥20 mysql架构,按照姓名分表
- ¥15 MATLAB实现区间[a,b]上的Gauss-Legendre积分
- ¥15 Macbookpro 连接热点正常上网,连接不了Wi-Fi。
- ¥15 delphi webbrowser组件网页下拉菜单自动选择问题
- ¥15 linux驱动,linux应用,多线程
- ¥20 我要一个分身加定位两个功能的安卓app
- ¥15 基于FOC驱动器,如何实现卡丁车下坡无阻力的遛坡的效果
- ¥15 IAR程序莫名变量多重定义
- ¥15 (标签-UDP|关键词-client)
- ¥15 关于库卡officelite无法与虚拟机通讯的问题