dongzhang1987
2016-03-16 09:32
浏览 41
已采纳

.htaccess文件停止使用直接URL访问pic

I have a website in php and CodeIgniter where user upload their profile pic and profile pic is stored in folder with name pic_uid.jpg .

And then my script load pic from same folder.

I want to stop direct access of pic using .htaccess file.

like if pic path is

http://localhost/myweb/uploads/users/pic_19.jpg

If some one type this direct path, he will not get access to pic but when my script call this pic he can get access and show the pic.

I have tried many options but when i stop access to directory, my script also can't load pic.

How to achieve this ?

Thanks

图片转代码服务由CSDN问答提供 功能建议

我在php和CodeIgniter中有一个网站用户上传他们的个人资料图片和个人资料图片存储在名为pic_uid的文件夹中 .jpg。

然后我的脚本从相同的文件夹加载图片。

我想停止使用 .htaccess <直接访问图片 / code> file。

如果pic路径是

  http:// localhost  /myweb/uploads/users/pic_19.jpg
nn

如果有人输入这条直接路径,他将无法访问图片但是当我的脚本调用此图片时 可以访问并显示图片。

我尝试了很多选项但是当我停止访问目录时,我的脚本也无法加载图片。 < p>如何实现这一目标?

谢谢

  • 写回答
  • 好问题 提建议
  • 关注问题
  • 收藏
  • 邀请回答

2条回答 默认 最新

  • drv13270 2016-03-16 09:38
    已采纳

    You can do something like this. Have a directory say, secured. And inside that directory, place this .htaccess:

    Deny From All
    

    And now, store all your image files there:

    + secured/
      - image-1.png
      - image-2.png
      - image-3.png
    

    And in your PHP Script, use this proxy:

    <?php
      ob_start();
      /* true if the conditions met, like coming from the script or something */
      $right_user = true or false;
      if ($right_user) {
        header("Content-type: image/png");
        echo file_get_contents("secured/" . $_GET["file"]);
        die();
      } else {
        header("Content-type: text/plain");
        die("Ha ha! Can't steal!");
      }
    

    To reiterate what all I have done, I created a repo here at Cloud9. In that, I have got these files:

    └── php
        ├── index.php
        ├── insecure.php
        └── secured
            ├── .htaccess
            └── hello.txt
    

    And the each file has like this:

    insecure.php

    <?php
        header("Content-type: text/plain");
        if (file_exists("secured/" . $_GET["file"]))
            echo file_get_contents("secured/" . $_GET["file"]);
        else
            echo "404! File Not Found.";
        die();
    ?>
    

    secured/.htaccess

    Deny From All
    

    secured/hello.txt

    Hello, World.
    I am not accessible through normal requests.
    My location is in /php/secured/hello.txt.
    

    Demos

    Note: I am on a free account, so the server runs only for some time. Please make use of it.

    已采纳该答案
    评论
    解决 无用
    打赏 举报
  • dongxin1980 2016-03-16 09:38

    For stop access of pic with direct URL
    Use URI of codeiginiter copy this code in your routes.php

    $route['uploads/users/(:any)'] = "page_not_found";
    

    This code blocked all url accessing a folder uploads/users

    评论
    解决 无用
    打赏 举报

相关推荐 更多相似问题