doukuiqian5345 2018-06-04 15:41
浏览 66
已采纳

是否可以从提交中获取实际的链接文件?

For example, I use this form submit to download a file. 

if(!isset($hasError) {
  //some code here.
$file_url = "http://example.com/files/download/file.pdf";
header("Expires: 0");
                  header("Cache-Control: no-cache, no-store, must-revalidate"); 
                  header('Cache-Control: pre-check=0, post-check=0, max-age=0', false); 
                  header("Pragma: no-cache");   
                  header("Content-type: {$content_type}");
                  header("Content-Disposition:attachment; filename={$file_new_name}");
                  header("Content-Type: application/force-download");
                  flush();
                  readfile("{$file_url}");
                  exit();
}

With the submit form above, it will return downloadable file to save. As I see on Chrome (Ctrl + J), the download link is not displayed. It shows only form link with action. But is possible for visitor to know the actual link like this: "http://example.com/files/download/file.pdf".

If they can find that link, any solution to prevent this?

Thank you so much.

  • 写回答

3条回答 默认 最新

  • dpdyh86002 2018-06-07 16:08
    关注

    You can add .htaccess with Deny from all in files/download/ to forbid direct access (= HTTP request) but with readfile you will can read the file.

    NB : You need to use readfile function and stream your request (for big file) like that : https://www.media-division.com/the-right-way-to-handle-file-downloads-in-php/ & https://www.media-division.com/php-download-script-with-resume-option/

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论
查看更多回答(2条)

报告相同问题?

悬赏问题

  • ¥30 这是哪个作者做的宝宝起名网站
  • ¥60 版本过低apk如何修改可以兼容新的安卓系统
  • ¥25 由IPR导致的DRIVER_POWER_STATE_FAILURE蓝屏
  • ¥50 有数据,怎么建立模型求影响全要素生产率的因素
  • ¥50 有数据,怎么用matlab求全要素生产率
  • ¥15 TI的insta-spin例程
  • ¥15 完成下列问题完成下列问题
  • ¥15 C#算法问题, 不知道怎么处理这个数据的转换
  • ¥15 YoloV5 第三方库的版本对照问题
  • ¥15 请完成下列相关问题!