I have a PHP website and I want to make sure that only logged in users can access certain data and that users can only access data the have clearance to access. I'm not really sure if this is a PHP or Apache issue. Let's say the folder "Images" exists on the server. If the user is not logged in and the browser requests can image from the folder, would a redirect to another page take care of it or do I need to involve Apache somehow to make sure that the user absolutely can't access the files unless there is a PHP session which identifies the user?
2条回答 默认 最新
dpict99695329 2014-09-27 19:21关注Use php to verify the user and use an .htaccess file to deny any access to that directory which isn't sent from php. However, if you use the .htaccess method, you'll have to get the image with php, it won't be accessible with html or javascript. Put an .htaccess file in the image folder:
deny from allWith that written inside of the .htaccess file.
Then only php can access the files inside of the folder.
本回答被题主选为最佳回答 , 对您是否有帮助呢?解决 无用评论 打赏举报
分享
- 2014-09-27 18:53回答 2 已采纳 Use php to verify the user and use an .htaccess file to deny any access to that directory which i
- 2018-03-09 16:35回答 1 已采纳 You can for sure using different ports: Can a single Apache server handle both Tomcat and PHP? Ho
- 2014-12-30 19:17回答 1 已采纳 I was able to solve this problem by adding DirectorySlash Off to my .htaccess file. Apache auto
- 2021-01-20 15:37如果用的是Apache服务器,还可以通过配置来禁止该目录下的PHP文件的访问,有两种方式: 方式一:.htaccess控制,适用于没有服务器管理权限。 在可写文件夹的目录下,建一个.htaccess文件,内容为: 代码如下:<Files>...
- 2017-09-18 06:26回答 1 已采纳 Okie, so have the repo helped to fix the issue. Issue #1 - www.conf being copied in apache contai
- 2017-06-19 08:57回答 1 已采纳 By design, containers started in detached mode exit when the root process used to run the conta
- 2017-10-29 07:22回答 3 已采纳 I solved this question and created a repo for anyone who is interested a more in depth explanation
- 2021-05-18 09:13摘要:PHP源码,文件管理,目录绑定 Htaccess-Admin PHP子目录绑定管理平台 V3.0,利用他可以将您的多个顶级域名绑定到空间的任意文件夹!支持的Web服务器有Apache、IIS 6、IIS7,而且空间需支持rewrite。 Htaccess-...
- 2018-07-24 15:38回答 1 已采纳 The solution to the problem is: sudo chcon -R -v -t httpd_sys_rw_content_t info.php How @Lou sa
- 2018-03-07 08:43回答 1 已采纳 At last reached the answer myself! I had to modify the SELinux configuration with chon command and
- 2018-08-20 15:48回答 3 已采纳 From everything I read here, including your comments it seems your "production" server is behind a
- 2022-07-28 17:59王一1995的博客 例如把自己的产品卖给用户,用户去修改自己的配置文件的时候,去修改了别人的配置文件,导致别人的配置文件无法使用,所以apache把一部分配置文件让用户去完成。既匹配Deny语句又匹配Allow语句,由于allow语句覆盖了...
- 2018-10-17 22:42回答 1 已采纳 The solution setsebool -P httpd_can_network_connect=1 setsebool -P httpd_can_network_connect_db=1
- 2021-06-21 01:22为了保证系统的安全性,系统根目录移至public目录下,把程序和逻辑代码放到根目录以外。在配置网站时,把网站根目录指向web目录下,然后通过composer把所需的扩展类库更新,包括thinkphp框架同样通过composer进行...
- 2021-04-30 05:56冯丹彤的博客 linux系统装了lamp运行网站时,发现www.xxx.com/index.php里调用include()里不能引用根目录上一级的php文件,只能引用根目录里的php文件。原本在window系统是正常运行的,转到linux反而出现这样的问题了,这是linux...
- 没有解决我的问题, 去提问
悬赏问题
- ¥15 真我手机蓝牙传输进度消息被关闭了,怎么打开?(关键词-消息通知)
- ¥15 下图接收小电路,谁知道原理
- ¥15 装 pytorch 的时候出了好多问题,遇到这种情况怎么处理?
- ¥20 IOS游览器某宝手机网页版自动立即购买JavaScript脚本
- ¥15 手机接入宽带网线,如何释放宽带全部速度
- ¥30 关于#r语言#的问题:如何对R语言中mfgarch包中构建的garch-midas模型进行样本内长期波动率预测和样本外长期波动率预测
- ¥15 ETLCloud 处理json多层级问题
- ¥15 matlab中使用gurobi时报错
- ¥15 这个主板怎么能扩出一两个sata口
- ¥15 不是,这到底错哪儿了😭