I want to code a PHP-server file managing system and I am not sure how things are if it comes to protection. I mean every user can simply type into their browsers exact url of those files that will be uploaded to server by users f.e: htpp:///www.domain.com/files/user_name/file.doc. Those files that will be uploaded are very delicate and cannot be accessed another way than when logged in :x I don't know how to make this work
1条回答 默认 最新
- dongyi1748 2016-08-14 17:31关注
You can save the uploaded file in a directory that is not available from the outside, and make a script to access these files.
For exemple, in an apache2 configuration, you could have this :
/var/www/html (directory available from the outside)
/var/mydata (directory where you are going to send the uploaded file into)And you can have a script like :
/var/www/html/get_file.php
This script checks that the user is authorized to access the resources, and then force a download header.
Example for a zip file :$attachment_location = "/var/mydata/myfile.zip"; header("Content-Type: application/zip"); header("Content-Transfer-Encoding: Binary"); header("Content-Length:".filesize($attachment_location)); header("Content-Disposition: attachment; filename=filePath");
解决 无用评论 打赏 举报
悬赏问题
- ¥20 wireshark抓不到vlan
- ¥20 关于#stm32#的问题:需要指导自动酸碱滴定仪的原理图程序代码及仿真
- ¥20 设计一款异域新娘的视频相亲软件需要哪些技术支持
- ¥15 stata安慰剂检验作图但是真实值不出现在图上
- ¥15 c程序不知道为什么得不到结果
- ¥40 复杂的限制性的商函数处理
- ¥15 程序不包含适用于入口点的静态Main方法
- ¥15 素材场景中光线烘焙后灯光失效
- ¥15 请教一下各位,为什么我这个没有实现模拟点击
- ¥15 执行 virtuoso 命令后,界面没有,cadence 启动不起来