php安全下载(cpu用法)

时间:2013-04-14 20:57:29

标签: php security download

我说英语不好 对不起! 我需要一个PHP安全下载 我正在使用此代码 但 当我下载一个大文件 CPU使用率太高 解决方案是什么?

我的cpu使用情况

http://s2.picofile.com/file/7726178274/Untitled_1.jpg

 <?php
@ini_set('error_reporting', E_ALL & ~ E_NOTICE);
//- turn off compression on the server
if(function_exists("apache_setenv"))
    @apache_setenv('no-gzip', 1);
@ini_set('zlib.output_compression', 'Off');
if(!isset($_REQUEST['file']) || empty($_REQUEST['file'])) 
{
    header("HTTP/1.0 400 Bad Request");
    exit;
}
// sanitize the file request, keep just the name and extension
// also, replaces the file location with a preset one ('./myfiles/' in this example)
$file_path  = $_REQUEST['file'];
$path_parts = pathinfo($file_path);
$file_name  = $path_parts['basename'];
$file_ext   = $path_parts['extension'];
//$file_path  = './myfiles/' . $file_name;
// allow a file to be streamed instead of sent as an attachment
$is_attachment = isset($_REQUEST['stream']) ? false : true;
// make sure the file exists
if (is_file($file_path))
{
    $file_size  = filesize($file_path);
    $file = @fopen($file_path,"rb");
    if ($file)
    {
        // set the headers, prevent caching
        header("Pragma: public");
        header("Expires: -1");
        header("Cache-Control: public, must-revalidate, post-check=0, pre-check=0");
        header("Content-Disposition: attachment; filename=\"$file_name\"");

        // set appropriate headers for attachment or streamed file
        if ($is_attachment) {
                header("Content-Disposition: attachment; filename=\"$file_name\"");
        }
        else {
                header('Content-Disposition: inline;');
                header('Content-Transfer-Encoding: binary');
        }

        // set the mime type based on extension, add yours if needed.
        $ctype_default = "application/octet-stream";
        $content_types = array(
                "exe" => "application/octet-stream",
                "zip" => "application/zip",
                "mp3" => "audio/mpeg",
                "mpg" => "video/mpeg",
                "avi" => "video/x-msvideo",
        );
        $ctype = isset($content_types[$file_ext]) ? $content_types[$file_ext] : $ctype_default;
        header("Content-Type: " . $ctype);

        //check if http_range is sent by browser (or download manager)
        if(isset($_SERVER['HTTP_RANGE']))
        {
            list($size_unit, $range_orig) = explode('=', $_SERVER['HTTP_RANGE'], 2);
            if ($size_unit == 'bytes')
            {
                //multiple ranges could be specified at the same time, but for simplicity only serve the first range
                //http://tools.ietf.org/id/draft-ietf-http-range-retrieval-00.txt
                list($range, $extra_ranges) = explode(',', $range_orig, 2);
            }
            else
            {
                $range = '';
                header('HTTP/1.1 416 Requested Range Not Satisfiable');
                exit;
            }
        }
        else
        {
            $range = '';
        }

        //figure out download piece from range (if set)
        list($seek_start, $seek_end) = explode('-', $range, 2);

        //set start and end based on range (if set), else set defaults
        //also check for invalid ranges.
        $seek_end   = (empty($seek_end)) ? ($file_size - 1) : min(abs(intval($seek_end)),($file_size - 1));
        $seek_start = (empty($seek_start) || $seek_end < abs(intval($seek_start))) ? 0 : max(abs(intval($seek_start)),0);

        //Only send partial content header if downloading a piece of the file (IE workaround)
        if ($seek_start > 0 || $seek_end < ($file_size - 1))
        {
            header('HTTP/1.1 206 Partial Content');
            header('Content-Range: bytes '.$seek_start.'-'.$seek_end.'/'.$file_size);
            header('Content-Length: '.($seek_end - $seek_start + 1));
        }
        else
          header("Content-Length: $file_size");

        header('Accept-Ranges: bytes');

        set_time_limit(0);
        fseek($file, $seek_start);

        while(!feof($file)) 
        {
            print(@fread($file, 1024*8));
            ob_flush();
            flush();
            if (connection_status()!=0) 
            {
                @fclose($file);
                exit;
            }           
        }

        // file save was a success
        @fclose($file);
        exit;
    }
    else 
    {
        // file couldn't be opened
        header("HTTP/1.0 500 Internal Server Error");
        exit;
    }
}
else
{
    // file does not exist
    header("HTTP/1.0 404 Not Found");
    exit;
}
?>

1 个答案:

答案 0 :(得分:0)

对于大文件,最好使用xsend文件,一个apache模块,非常容易设置,最重要的是,它可以与大文件完美配合。 https://tn123.org/mod_xsendfile/

php解决方案意味着你必须在提供下载之前阅读内存中的所有文件,这是一个非常大的问题,你可以看到。