I have uploaded some zip files to my server and now want to allow a user to download them if he/she has an appropriate password. I'm coding in PHP and I've made it so a user cannot access the page with the links to zip files unless the proper password has been entered, but by having a link to my zip file the user could just see and in future cases type in the absolute location of the zip file and bypass my password checks. If I change the file permissions on the zip file then I can't have it as a link because the user won't be able to access it. How can I allow the user to get the zip file while still keeping it secure? Any suggestions would be much appreciated.
3条回答 默认 最新
dqoys62082 2012-08-23 06:48关注The best way to do this is to
mask url.- user logins
- generate a token based on his login details. some
md5or whatever you decide - create a download link (eg:
download.php) that load the file based on valid token and session and get's the file withfile_get_contents().
解决 无用评论 打赏举报
分享
- 2018-07-16 11:45回答 2 已采纳 initialise $price before looping through the array. $connect = mysqli_connect("localhost", "root"
- 2018-02-05 12:25回答 1 已采纳 Apparently the real problem was the fact that I was not supposed to use the PDO::prepare statement
- 2017-04-10 17:16回答 1 已采纳 No need to edit the files. Just create a ticket template, name it (e.g. EasyTicket), and make man
- 2021-05-03 17:02提供一个特征以允许对您的应用中的Laravel 6/7的所有口才模型进行评级。 评分可以是五星风格,也可以是简单的+ 1 / -1风格。 相容性 小于6.x的Laravel版本应使用1.x发行版虽然2.x发行版至少可以暂时与最新的...
- 2017-11-25 14:06回答 3 已采纳 that's ver simple.. add a select tag. here's an example. <!doctype html> <html> <h
- 2017-07-19 17:44回答 2 已采纳 You are incrementing the counter for every property. As it is set to 0 to start with, you should o
- 2016-09-15 16:56回答 1 已采纳 A straight forward technique to achieve what you want: Use mod_rewirte and .htaccess to setup "p
- 2021-04-07 01:46phpWebSocketServer ...详细文档位于此处: : 没有依赖 ... 该服务器允许您在浏览器中的Web应用程序之间建立通信并使后端脚本(在我的例子中为PHP)能够将信息传递回已调用后端脚本以执行某些操作的Web
- 2016-06-03 11:35回答 3 已采纳 Use the third parameter - Steps: (manual) print_r(range(1, 10, 0.1)); If you want to start from
- 2017-09-23 13:59回答 3 已采纳 Extended solution with DateTime object, array_map and range functions: $arr = [ ['date' =
- 2016-07-10 14:59回答 2 已采纳 I did so much workarounds. But, it should actually works. $countAllitems = count($allitems); $arr
- 2021-02-03 20:42Fracker是一套允许轻松跟踪和分析PHP函数调用的工具,其目的是在对PHP应用程序进行手动安全评估的过程中为研究人员提供帮助。 它包括: 需要在目标Web应用程序的环境中安装的,它将跟踪信息发送到侦听器; 一个...
- 2019-06-29 18:56回答 4 已采纳 It's because $structure->parts[0] does not match $structure->parts[$i]->disposition == 'a
- 2021-05-27 10:37最重要的LDAP模块此模块在Mattermost中为Team Edition提供了外部LDAP身份验证(免费)。概述当前,Team Edition中未提供Mattermost中的LDAP身份验证(仅在Enterprise Edition中)。 因此,在Mattermost中获得LDAP...
- 2018-05-15 10:32它允许你声明项目所依赖的代码库,它会在你的项目中为你安装他们。Composer 不是一个包管理器。是的,它涉及 "packages" 和 "libraries",但它在每个项目的基础上进行管理,在你项目的某个目录中(例如 vendor)进行...
- 没有解决我的问题, 去提问
悬赏问题
- ¥15 多址通信方式的抗噪声性能和系统容量对比
- ¥15 winform的chart曲线生成时有凸起
- ¥15 msix packaging tool打包问题
- ¥15 finalshell节点的搭建代码和那个端口代码教程
- ¥15 用hfss做微带贴片阵列天线的时候分析设置有问题
- ¥15 Centos / PETSc / PETGEM
- ¥15 centos7.9 IPv6端口telnet和端口监控问题
- ¥20 完全没有学习过GAN,看了CSDN的一篇文章,里面有代码但是完全不知道如何操作
- ¥15 使用ue5插件narrative时如何切换关卡也保存叙事任务记录
- ¥20 海浪数据 南海地区海况数据,波浪数据