dongtou9934 2019-01-25 23:38
浏览 136
已采纳

使用PHP启用/禁用htaccess?

Is there a way to disable htaccess to website users? What I need is htaccess to disable only to a select group of my website users to access a directory full of uploaded images and to the non-selected user have htaccess enabled to stop them from accessing the directory!

Any help would be great!

  • 写回答

2条回答 默认 最新

  • douxue4395 2019-01-26 00:09
    关注

    You'll want to do this: Basically redirect all requests to a php file which then does the access control.

    .htaccess

    RewriteEngine on
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteRule ^(.*)$ /CheckAuthorizedToFile.php?file=$1 [NC,L,QSA]
    

    CheckAuthorizedToFile.php

    <?php
    
    
    $basepath = '/path/to/images/';
    $realBase = realpath($basepath);
    
    $userpath = $basepath . $_GET['file'];
    $realUserPath = realpath($userpath);
    
    if ($realUserPath === false || strpos($realUserPath, $realBase) !== 0) {
    //prevent directory traversal by exiting execution
    exit();
    } 
    
    if($_SESSSION['IsAllowedToViewFiles']===true)
    {
    
    
    $file = $_GET['file'];
    $type = 'image/jpeg';
    header('Content-Type:'.$type);
    header('Content-Length: ' . filesize($file));
    readfile($file);
    }
    else
    {
    echo "Not Autorized please login.";
    }
    
    
    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论
查看更多回答(1条)

报告相同问题?

悬赏问题

  • ¥15 电脑出问题了,说是usbmom注册表没
  • ¥20 需要步骤截图(标签-服务器|关键词-map)
  • ¥50 gki vendor hook
  • ¥15 灰狼算法和蚁群算法如何结合
  • ¥15 这是一个利用ESP32自带按键和LED控制的录像代码,编译过程出现问题,请解决并且指出错误,指导如何处理 ,协助完成代码并上传代码
  • ¥20 stm32f103,hal库 hal_usart_receive函数接收不到数据。
  • ¥20 求结果和代码,sas利用OPTEX程序和D-efficiency生成正交集
  • ¥50 adb连接不到手机是怎么回事?
  • ¥20 抓取数据时发生错误: get_mooncake_data() missing 1 required positional argument: 'driver'的问题,怎么改出正确的爬虫代码?
  • ¥15 vs2022无法联网