我的php应用程序有点问题,我有一个名为&#34的文件夹; my_files"在这里我在许多目录中有很多pdf。 内部" my_files"目录我把这个htaccess行拒绝直接访问表单url(工作正常):
Order Deny,Allow
Deny from all
在我的根项目中,我把这个php文件(get_file.php)只允许为登录成员下载pdf:
if( !empty( $_GET['pdf_name'] ) ) {
// check if user is logged
if( is_user_logged_in() ){
$pdf_name = preg_replace( '#[^-\w]#', '', $_GET['pdf_name'] );
$pdf_folder = {$_SERVER['DOCUMENT_ROOT']}/docs/en;
$fic = "{$pdf_folder}/{$pdf_name}.pdf";
if( file_exists( $fic ) ){
header( 'Cache-Control: public' );
header( 'Content-Description: File Transfer' );*/
header( 'Content-Type: application/pdf');
header( "Content-Disposition: attachment; filename={$fic}" );
header( 'Content-Transfer-Encoding: binary' );
readfile( $fic );
exit;
}
}
} else {
die( "ERROR: you don't have permissions to download it." );
}
当我访问此网址时:
myappdomaindotcom/get_file.php?pdf_name=STUDENTS
浏览器返回:
This web page is not available
ERR_INVALID_RESPONSE
有人可以帮帮我吗?目的是禁止文件直接访问,但仅允许登录成员。
在浏览器控制台上我得到了这个回复: 为什么我有数据:image ????
我更改了一些代码以添加引用但是我得到了相同的结果,该文件确实存在,但控制台返回相同的失败状态。
if( !empty( $_GET['pdf_name'] ) ) {
// check if user is logged
if( is_user_logged_in() ) {
$pdf_name = preg_replace( '#[^-\w]#', '', $_GET['pdf_name'] );
$pdf_folder = "{$_SERVER['DOCUMENT_ROOT']}/docs/en";
$pdf_file = "{$pdf_folder}/{$pdf_name}.pdf";
echo $pdf_file;
if( file_exists( $pdf_file ) )
{
header( 'Cache-Control: public' );
header( 'Content-Description: File Transfer' );
header( 'Content-Type: application/pdf');
header( "Content-Disposition: attachment; filename={$pdf_file}" );
header( 'Content-Transfer-Encoding: binary' );
readfile( $pdf_file );
}
}
} else {
die( "ERROR: you don't have permissions to download it." );
}
我终于通过这篇文章解决了它:solution,下面是最终代码:
if( !empty( $_GET['pdf_name'] ) ) {
// check if user is logged
if( is_user_logged_in() ) {
$proxiedDirectory = "{$_SERVER['DOCUMENT_ROOT']}/xxxx/";
$filename = $_GET['pdf_name'];
$file = $proxiedDirectory.$filename.'.pdf';
$basename = basename($file);
if( file_exists($file) ){
$fp = fopen($file, 'rb');
header("Content-Type: application/pdf", true, 200); //May need to determine mime type somehow
header("Content-Disposition: attachment; filename={$basename}");
header('Cache-Control: public');
readfile($file);
exit();
}
}
} else { die( "ERROR: you don't have permissions to download it." );}
谢谢你的帮助,但我还有一个问题:是否可以打开pdf而不是下载?
答案 0 :(得分:0)
试试此代码
错误行此$ pdf_folder = {$ _SERVER ['DOCUMENT_ROOT']} / docs / en;不是字符串。
if( !empty( $_GET['pdf_name'] ) ) {
// check if user is logged
if( is_user_logged_in() ){
$pdf_name = preg_replace( '#[^-\w]#', '', $_GET['pdf_name'] );
$pdf_folder = "{$_SERVER['DOCUMENT_ROOT']}/docs/en";
$fic = "{$pdf_folder}/{$pdf_name}.pdf";
if( file_exists( $fic ) ){
header( 'Cache-Control: public' );
header( 'Content-Description: File Transfer' );*/
header( 'Content-Type: application/pdf');
header( "Content-Disposition: attachment; filename={$fic}" );
header( 'Content-Transfer-Encoding: binary' );
readfile( $fic );
exit;
}
}
} else {
die( "ERROR: you don't have permissions to download it." );
}