doukuipai8544 2012-06-20 15:55
浏览 10
已采纳

文件下载与应用程序授权

I have a symfony 1.4 application with an admin backend, and I would like to make some pdf / images available to authenticated users only. The authentication process is handled by symfony.

How can I make sure only authenticated users can download the files, even files exceeding php's memory_limit setting?

The web server I use is nginx.

  • 写回答

1条回答 默认 最新

  • dousuochu7291 2012-06-20 16:07
    关注

    Use X-Sendfile (/X-Accel-Redirect), nginx will serve the file after the PHP script sends the appropriate headers and ends. This seems a proper explanation.

    greg0ire > Here is my implementation with symfony 1.4 and nginx:

    1. create a directory named "secure" under web
    2. configure nginx like this:
    3. create a symfony route
    4. create a symfony action

    Nginx configuration:

    location /secure/ {
    internal;
  }

    Symfony routing

    SecureDownload:
  url: /anything-you-want-but-secure/:filename
  options:
    segment_separators: ['/'] # filenames often contain dots
  params:
    module: YourModule
    action: secureDownload

    Symfony action

    <?php
class SecureDownloadAction extends sfAction
{
  public function execute($request)
  {
    $this->getResponse()->setHttpHeader(
      "X-Accel-Redirect",
      "/secure/" . $request->getParameter('filename'));
    $this->getResponse()->setHttpHeader(
      "Content-Disposition",
      "attachement; filename=". $request->getParameter('filename'));
    return sfView::HEADER_ONLY;
  }
}
    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论

报告相同问题?

悬赏问题

  • ¥15 关于#matlab#的问题:在模糊控制器中选出线路信息,在simulink中根据线路信息生成速度时间目标曲线(初速度为20m/s,15秒后减为0的速度时间图像)我想问线路信息是什么
  • ¥15 banner广告展示设置多少时间不怎么会消耗用户价值
  • ¥16 mybatis的代理对象无法通过@Autowired装填
  • ¥15 可见光定位matlab仿真
  • ¥15 arduino 四自由度机械臂
  • ¥15 wordpress 产品图片 GIF 没法显示
  • ¥15 求三国群英传pl国战时间的修改方法
  • ¥15 matlab代码代写,需写出详细代码,代价私
  • ¥15 ROS系统搭建请教(跨境电商用途)
  • ¥15 AIC3204的示例代码有吗,想用AIC3204测量血氧,找不到相关的代码。