[英]Redirect to a file outside of the domain Root
I want to give a file to a person based on the users rank so I need to hide the files in a directory which is hidden. 我想根据用户等级将文件提供给某人,因此我需要将文件隐藏在隐藏的目录中。
I'm using Plesk and my structure looks like this: 我正在使用Plesk,结构如下:
api (reachable from https://api.pexlab.net)
cloud (reachable from https://cloud.pexlab.net)
default (reachable from https://pexlab.net)
error_docs
hidden (not reachable)
My PHP script is located in: 我的PHP脚本位于:
api/hub/Test.php (reachable from https://api.pexlab.net/hub/Test.php)
I have tried this: 我已经试过了:
# In Test.php
downloadFile("../../hidden/hub/download/assets/user/main.fxml");
# Function:
function downloadFile($file) {
if(file_exists($file)) {
header('Content-Description: File Transfer');
header('Content-Type: application/octet-stream');
header('Content-Disposition: attachment; filename='.basename($file));
header('Content-Transfer-Encoding: binary');
header('Expires: 0');
header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
header('Pragma: public');
header('Content-Length: ' . filesize($file));
ob_clean();
flush();
readfile($file);
exit;
}
}
This method works but I want to redirect to this file (show it) and NOT download it. 此方法有效,但我想重定向到此文件(显示它)而不下载它。 So I have tried using this:
所以我试着用这个:
header("Location: ../../hidden/hub/download/assets/user/main.fxml");
But this tried to redirect to https://api.pexlab.net/hidden/hub/download/assets/user/main.fxml which is invalid. 但这试图重定向到无效的https://api.pexlab.net/hidden/hub/download/assets/user/main.fxml 。
The only difference between "viewing" and "downloading" a file is what the browser does with the data. “查看”和“下载”文件之间的唯一区别是浏览器对数据的处理方式。 Ultimately, that's in the hands of the user, but the server can indicate what it would like to happen.
最终,这由用户掌握,但是服务器可以指示它想要发生什么。
I suspect you have copied these lines without really understanding what they do: 我怀疑您在没有真正理解它们的作用的情况下复制了这些行:
header('Content-Description: File Transfer');
header('Content-Type: application/octet-stream');
header('Content-Disposition: attachment; filename='.basename($file));
header('Content-Transfer-Encoding: binary');
header('Expires: 0');
header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
header('Pragma: public');
header('Content-Length: ' . filesize($file));
These are all instructions to the browser telling it what to do with the data you send. 这些都是对浏览器的说明,告诉浏览器如何处理您发送的数据。
Content-Disposition
header is used to tell the browser "rather than trying to display this content straight away, suggest the user saves it in a file, with this name". Content-Disposition
标头用于告诉浏览器“而不是试图立即显示此内容,建议用户使用此名称将其保存在文件中”。 To use the browser's default behaviour, you would simply leave off this header, or give it the value inline
. inline
。 Content-Type
header tells the browser what type of file this is. Content-Type
标头告诉浏览器这是什么类型的文件。 The value application/octet-stream
means "just a bunch of bytes, don't try to interpret them in any way". application/octet-stream
意思是“只是一堆字节,不要尝试以任何方式解释它们”。 Obviously, that would be no good for viewing a file in the browser, so you should send an appropriate "MIME type", like text/html
or image/jpeg
, as appropriate for the file you're serving. text/html
或image/jpeg
。 I'm guessing "FXML" is an XML-based format, so text/xml
might be appropriate; text/xml
可能是合适的; or if it's human readable and you just want it displayed without any formatting, use text/plain
. text/plain
。 Ok, I did it myself now. 好吧,我现在自己做。 It was very simple and little code:
这非常简单,几乎没有代码:
$line = file('../../hidden/hub/download/assets/user/main.fxml');
foreach ($line as $num => $output) {
echo $output;
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.