[英]Restricting images from direct url download
I asked this question a while ago and got an answer that I thought would work but I'm still having an issue. 不久前我问了这个问题,得到了我认为可以解决的答案,但是我仍然遇到问题。 Maybe it's something I'm doing wrong but I still don't have this right.
也许这是我做错了,但我仍然没有这个权利。
I want to restrict access to an entire directory. 我想限制对整个目录的访问。 This directory has images and pdf files in it.
此目录中包含图像和pdf文件。 I need to create a link to the pdf documents and embed in an anchor tag, the images.
我需要创建一个指向pdf文档的链接,并将其嵌入锚标签(图像)中。 I was told to use header for this.
有人告诉我为此使用标头。 Using header immediately outputs the content which works great for the pdf document but I have to embed 3 images from the same directory and this doesn't work because header outputs the image before the html and that's correct behavior.
使用标头会立即输出对pdf文档非常有用的内容,但我必须从同一目录嵌入3张图像,但这不起作用,因为标头在html之前输出图像,这是正确的行为。
I need a way to assign the image to a variable so that I can embed it where I need it after the html has been outputted. 我需要一种将图像分配给变量的方法,以便可以在输出html之后将其嵌入到需要的位置。 Any ideas?
有任何想法吗?
Here is a link to my last question. 这是我最后一个问题的链接。 How to restrict viewing files within a directory
如何限制查看目录中的文件
Move images outside public Document Root of your host, or restrict access to them with .htaccess like 将图像移到主机的公共文档根目录之外,或使用.htaccess限制访问它们,例如
<FilesMatch "\.(gif|png|jpe?g)$">
Order Allow,Deny
Deny from all
</FilesMatch>
And send images with PHP script, that will check user session and send the image only if user is logged in. 并使用PHP脚本发送图像,该脚本将检查用户会话并仅在用户登录后才发送图像。
//... your session checking routine just like in other scripts
if (!$logged) {
//show error
exit();
}
//Simple extention-to-mimetype map:
$mimetypes = array(
'.jpg' => 'image/jpeg'
'.jpeg'=> 'image/jpeg'
'.pdf' => 'application/pdf'
//add other extensions if needed
);
$file = basename($_GET['file']); //preventing tricks with ../../anypath/anyfile
$ext = substr($file, strrpos($file, '.'));
if (file_exists($images_dir . $file) && isset($mimetypes[$ext]) ) {
header('Content-Type: ' . $mimetypes[$ext]);
echo file_get_contents($images_dir . $file);
} else {
//show error
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.