使用重写规则和php脚本保护某些文件(基于登录的会话)
[英]using rewrite rules and php script to protect certain files (based on logged-in session)
问题描述
i have a codeigniter website structured like so: 
我有一个结构如下的Codeigniter网站:
website.org/files/stuff/1/example.pdf website.org/files/stuff/1/example.pdf
website.org/www/index.php website.org/www/index.php
So all files (many are uploaded through CMS) are stored in a files directory above the web root. 因此,所有文件(许多文件是通过CMS上传的)都存储在Web根目录上方的文件目录中。 however, you can access them directly because there is a server alias in place. 但是,由于有服务器别名,因此您可以直接访问它们。
Now, some of the files should only be accessible if the user is logged in. So that means if someone tries to access: 现在,只有在用户登录后,才能访问某些文件。这意味着如果有人尝试访问:
website.org/files/special/2/doc.pdf website.org/files/special/2/doc.pdf
It should first hit a php script to see if the user is logged in and if so, load the file. 它应该首先命中一个php脚本,以查看用户是否已登录,如果已登录,请加载文件。
Can anyone advise me on the simplest method of this please? 有人可以给我建议最简单的方法吗?
1 个解决方案
解决方案1
0 已采纳 2011-09-12 05:11:43
Add this rule to your .htaccess 将此规则添加到您的.htaccess
RewriteEngine on
RewriteBase /
RewriteRule ^/files/([.*]+)$ /loadfile\.php?file=$1
That should create a variable $_GET['file'] on loadfile.php which would have the value special/2/doc.pdf . 那应该在loadfile.php上创建一个变量$_GET['file'] ,其值将为special/2/doc.pdf 。 From there you check for your user session and load the file accordingly. 从那里检查用户会话并相应地加载文件。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.