In a site which uses a normal, cookie-based authentication where the password is stored on a cookie, is there a way to serve files only for users that are already logged in?
1条回答 默认 最新
dtvp3625 2013-02-14 21:58关注Short answer: No.
Long answer: You can write an authenticated application where the user has to login and then the application manages the compilation of headers and whatnot for the user to access a given file. For instance, if your users need to download a PDF or something you can send pdf headers and then send binary data; they won't be able to see what file on the server you're serving up. Downside is that this is slower than just pushing them a file from the filesystem or a CDN.
Also, don't store the password in the cookie. Create a hash or something you can access and validate again, but password in cookie is just a bad idea; those guys are plaintext!
解决 无用评论 打赏举报
分享
- 2023-01-21 17:53回答 2 已采纳 可以
- 2020-04-07 11:11回答 1 已采纳 提示的是语法错误,不能用点组合,这在以前版本只是个提示而不是错误,你先排查下低级错误 是不是那个常量造成的,去掉_DIR_.是不是问题就没有了,注意数组赋值那一行后面不要加;分号 你的宏是这样定义
- 2019-03-19 07:36回答 1 已采纳 Selinux needs to be configured context cd /var/www/html mkdir upload chown apache:apache upload c
- 2021-04-18 13:53weixin_39517241的博客 Apache服务器已经内置用户验证机制,大家只要适当的加以设置,便可以控制网站的某些部分要用户验证。前期准备,必须已经安装apache,如果还没安装,或者对安装很模糊的话,第1步:我们在/var/www(apache的主页根目录...
- 2019-06-21 08:19回答 1 已采纳 If I understand this correctly the Apache serving your app is inside the Docker container. Then Do
- 2019-05-07 04:31回答 3 已采纳 I have solved the problem I am posting my apache2 config code. Might be this can be helpful for a
- 2019-03-19 11:06回答 1 已采纳 To everyone having the same problem as me, it turned out Symfony 1.4 doesn't support PHP 7.3 so I
- 2023-07-22 00:048. `.htaccess` - 配置Apache服务器的访问规则,如URL重写,防止直接访问某些敏感文件。 Mollify php的实现原理包括: 1. **用户认证**:通过登录系统验证用户身份,可能使用session或cookie来保持会话状态。 2. **...
- 2017-02-21 12:17回答 1 已采纳 In PHP, you can use $_SERVER['REMOTE_ADDR'] to get the IP address of the remote client. Using this
- 2022-08-04 09:02回答 1 已采纳 去查日志,看看报错说的是什么啊,根据日志来具体定位。
- 2017-03-23 09:48回答 1 已采纳 It should be RewriteRule ^(.*)$ /index.php?/$1 [L] with ? not RewriteRule ^(.*)$ /index.php/$1
- 2020-08-09 01:29cukw6666的博客 由于Apache必须在涉及该目录的每个请求上重新读取这些文件,这可能会对性能产生负面影响,因此选择Option 1是首选,但是如果您已经在使用.htaccess文件,或者需要允许非root用户管理限制,则.htaccess文件很有意义...
- 2019-04-14 11:42回答 1 已采纳 I executed your code in my computer file_put_contents("gitclone.bat", "git clone https://github.c
- 2020-08-08 09:20cukw6666的博客 This tutorial will walk you through password-protecting assets on an Apache web server running on Ubuntu 18.04. Completing these steps will provide your server with additional secur...
- 2021-10-10 09:34通过配置Apache的配置文件,可以设定各种访问规则,包括限制某些目录的访问权限。 5. **PHP**:PHP是一种嵌入HTML中的脚本语言,适合处理动态内容。它可以连接和操作MySQL数据库,处理用户输入,生成动态网页,以及...
- 没有解决我的问题, 去提问
悬赏问题
- ¥20 dify的代码解释器工具和代码执行节点有什么区别?代码解释器工具怎么用?
- ¥100 springboot2.7.x 整合 sharding 的问题
- ¥15 如何通过命令行操作统信360安全浏览器?
- ¥15 upload-labs-master第三关
- ¥15 关于LT3758反激式负压电源,功率三极管烧毁的问题
- ¥20 aruba ap305 CAP转IAP
- ¥20 rockchip rk3588 ffmedia运行异常
- ¥30 如何用 Java 简单系统设计?(相关搜索:服务器|面向对象设计|随机数)
- ¥15 鸿蒙开发(关键词-开发环境)
- ¥15 错误使用 mex Embedding metadata in the MEX file failed.