stackoom
  简体   繁体   中英

using rewrite rules and php script to protect certain files (based on logged-in session)

 原文  2011-09-12 05:06:26       php/ rewrite/ password-protection

Question

i have a codeigniter website structured like so:

website.org/files/stuff/1/example.pdf

website.org/www/index.php

So all files (many are uploaded through CMS) are stored in a files directory above the web root. however, you can access them directly because there is a server alias in place.

Now, some of the files should only be accessible if the user is logged in. So that means if someone tries to access:

website.org/files/special/2/doc.pdf

It should first hit a php script to see if the user is logged in and if so, load the file.

Can anyone advise me on the simplest method of this please?

1 answers

solution1
 0 ACCPTED  2011-09-12 05:11:43

Add this rule to your .htaccess 

RewriteEngine on
RewriteBase /
RewriteRule ^/files/([.*]+)$ /loadfile\.php?file=$1

That should create a variable $_GET['file'] on loadfile.php which would have the value special/2/doc.pdf . From there you check for your user session and load the file accordingly.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question logged-in session on subdomain PHP: use logged-in cURL session on normal web browser Get username of current logged-in user of joomla using external php script .htaccess rewrite rules for PHP script PHP - Using Session Variables to Protect .docx Files in the same directory PHP Count Logged-In Users Protect files in directory using authentication script in php/apache Am i doing enough to protect a php logged in session? Print all logged-in users in SESSION? .htaccess rewrite rules for two or more PHP files
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM