重定向到域根目录之外的文件
[英]Redirect to a file outside of the domain Root
问题描述
I want to give a file to a person based on the users rank so I need to hide the files in a directory which is hidden. 
我想根据用户等级将文件提供给某人,因此我需要将文件隐藏在隐藏的目录中。
I'm using Plesk and my structure looks like this: 我正在使用Plesk,结构如下:
api (reachable from https://api.pexlab.net)
cloud (reachable from https://cloud.pexlab.net)
default (reachable from https://pexlab.net)
error_docs
hidden (not reachable)
My PHP script is located in: 我的PHP脚本位于:
api/hub/Test.php (reachable from https://api.pexlab.net/hub/Test.php)
I have tried this: 我已经试过了:
# In Test.php
downloadFile("../../hidden/hub/download/assets/user/main.fxml");
# Function:
function downloadFile($file) {
if(file_exists($file)) {
header('Content-Description: File Transfer');
header('Content-Type: application/octet-stream');
header('Content-Disposition: attachment; filename='.basename($file));
header('Content-Transfer-Encoding: binary');
header('Expires: 0');
header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
header('Pragma: public');
header('Content-Length: ' . filesize($file));
ob_clean();
flush();
readfile($file);
exit;
}
}
This method works but I want to redirect to this file (show it) and NOT download it. 此方法有效,但我想重定向到此文件(显示它)而不下载它。 So I have tried using this: 所以我试着用这个:
header("Location: ../../hidden/hub/download/assets/user/main.fxml");
But this tried to redirect to https://api.pexlab.net/hidden/hub/download/assets/user/main.fxml which is invalid. 但这试图重定向到无效的https://api.pexlab.net/hidden/hub/download/assets/user/main.fxml 。
2 个解决方案
解决方案1
1 2018-07-07 09:29:39
The only difference between "viewing" and "downloading" a file is what the browser does with the data. “查看”和“下载”文件之间的唯一区别是浏览器对数据的处理方式。 Ultimately, that's in the hands of the user, but the server can indicate what it would like to happen. 最终,这由用户掌握,但是服务器可以指示它想要发生什么。
I suspect you have copied these lines without really understanding what they do: 我怀疑您在没有真正理解它们的作用的情况下复制了这些行:
header('Content-Description: File Transfer');
header('Content-Type: application/octet-stream');
header('Content-Disposition: attachment; filename='.basename($file));
header('Content-Transfer-Encoding: binary');
header('Expires: 0');
header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
header('Pragma: public');
header('Content-Length: ' . filesize($file));
These are all instructions to the browser telling it what to do with the data you send. 这些都是对浏览器的说明,告诉浏览器如何处理您发送的数据。
- The
Content-Dispositionheader is used to tell the browser "rather than trying to display this content straight away, suggest the user saves it in a file, with this name".Content-Disposition标头用于告诉浏览器“而不是试图立即显示此内容,建议用户使用此名称将其保存在文件中”。 To use the browser's default behaviour, you would simply leave off this header, or give it the valueinline.要使用浏览器的默认行为,您只需忽略此标头,或将其值设置为inline。 - The
Content-Typeheader tells the browser what type of file this is.Content-Type标头告诉浏览器这是什么类型的文件。 The valueapplication/octet-streammeans "just a bunch of bytes, don't try to interpret them in any way".值application/octet-stream意思是“只是一堆字节,不要尝试以任何方式解释它们”。 Obviously, that would be no good for viewing a file in the browser, so you should send an appropriate "MIME type", liketext/htmlorimage/jpeg, as appropriate for the file you're serving.显然,这对于在浏览器中查看文件没有好处,因此您应根据所提供的文件发送适当的“ MIME类型”,例如text/html或image/jpeg。 I'm guessing "FXML" is an XML-based format, sotext/xmlmight be appropriate;我猜“ FXML”是基于XML的格式,因此text/xml可能是合适的; or if it's human readable and you just want it displayed without any formatting, usetext/plain.或者,如果它是人类可读的,并且您只想显示它而没有任何格式,请使用text/plain。
解决方案2
-1 2018-07-07 09:58:28
Ok, I did it myself now. 好吧,我现在自己做。 It was very simple and little code: 这非常简单,几乎没有代码:
$line = file('../../hidden/hub/download/assets/user/main.fxml');
foreach ($line as $num => $output) {
echo $output;
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.