使用slim和php访问目录根目录之外的文件
[英]Accessing files outside directory root with slim and php
问题描述
Currently my file structure is as follows: 
目前,我的文件结构如下:
├── README.md
├── app
├── classes
├── composer.json
├── composer.lock
├── database
├── public
├── templates
├── users
└── vendor
Inside of the users folder I have folders that relate to the username of the logged in user, each with their own files and folders defined by the user. 在users文件夹中,我有一些文件夹与登录用户的用户名有关,每个文件夹都有由用户定义的自己的文件和文件夹。
The issue I'm encountering is that I am unable to download files inside the users directory. 我遇到的问题是我无法下载users目录中的文件。 Currently, I have my code working by moving the users directory inside of the public directory but there are pretty obvious security flaws to this. 目前,我的代码可以通过将users目录移到public目录中来工作,但是这样做存在明显的安全漏洞。 How would I make it so my users directory is one level up from the root as shown here but still able to be accessed by the public directory? 我该如何使我的用户目录位于根目录的上一级,如此处所示,但仍可以由public目录访问?
I've already tried using RewriteRule users/ ../users/ but it does not seem to work. 我已经尝试过使用RewriteRule users/ ../users/但是它似乎不起作用。 I'm able to access the users directory through PHP, just not my front-controller in the public folder. 我能够访问users通过PHP目录,在刚刚不是我的前端控制器public文件夹。
This is my first "real" project using Slim so I'm very new to this whole front-controller/mvc type thing. 这是我使用Slim的第一个“真实”项目,因此对于整个前控制器/ mvc类型的事情我还是很陌生。 Any help would be great, thanks! 任何帮助将是巨大的,谢谢!
1 个解决方案
解决方案1
1 已采纳 2016-09-16 02:53:33
In your routing logic or controller you'd need to verify the user has access to said file, then most likely use PHP to serve the file since it isn't accessible in the web path. 在路由逻辑或控制器中,您需要验证用户是否有权访问该文件,然后最有可能使用PHP来提供文件,因为在Web路径中无法访问该文件。
In PHP, you can set the proper HTTP headers and use readfile() to serve files to the end user. 在PHP中,您可以设置适当的HTTP标头,并使用readfile()将文件提供给最终用户。
http://php.net/manual/en/function.readfile.php http://php.net/manual/zh/function.readfile.php
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.