Control access to files available for download(控制对可下载文件的访问)
问题描述
我有一个文件夹,其中包含我的 ZF 应用程序可以向登录用户吐出的上传文档.我希望他们能够使用像 http://server/documents/filename.pdf 这样的链接并下载文件,但我想要一个控制器 DocumentsController使现有用户 cookie 能够验证他们是否已登录并有权下载文件.如果不需要,我不想使用像 http://server/documents/index/id/1 这样的 URL,尽管这不是一个糟糕的选择.
I have a folder that contains uploaded documents that my ZF application can spit out to logged in users. I want them to be able to use a link like http://server/documents/filename.pdf and download the file, but I want to have a controller DocumentsController that enables the existing user cookies to verify that they are logged in and have permission to download the file. I don't want to have to use URLs like http://server/documents/index/id/1 if I don't have to, though its not a terrible option.
推荐答案
您可以使用 X-SendFile 来获得最佳性能.Apache (mod_xsendfile)、Lighttpd 和 Nginx 都支持它.该请求首先由一个 php 进程处理,该进程放置一个特殊的标头(Nginx 的 X-Sendfile 或 X-Accel-Redirect),当脚本结束时,Web 服务器接管并像静态文件一样发送文件.它速度更快,占用的内存更少.
You can use X-SendFile to obtain the best performance. It is supported by Apache (mod_xsendfile), Lighttpd and Nginx. The request is first handled by a php process which put a special header (X-Sendfile or X-Accel-Redirect for Nginx) and when the script end, the web server take over and send the file like a static file. It is faster and use less memory.
要将所有请求重定向到您的控制器,您需要在引导程序中编写自定义路由:
To redirect all the request to your controller, you need to write a custom route in your bootstrap :
protected function _initRouter()
{
$router = Zend_Controller_Front::getInstance()->getRouter();
$documentRoute = new Zend_Controller_Router_Route(
'document/:filename',
array(
'action' => 'xsendfile',
'controller' => 'documents'
),
array(
'filename' => '..+$'
)
);
$router->addRoute('document', $documentRoute );
return $router;
}
您可以使用此操作助手来处理 x-sendfile 标头:http://www.zfsnippets.com/snippets/view/id/27 并且您需要有代码来检查用户是否通过身份验证.
You can use this action helper to handle the x-sendfile header : http://www.zfsnippets.com/snippets/view/id/27 and you need to had code to check if the user is authenticated.
这篇关于控制对可下载文件的访问的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持编程学习网!
本文标题为:控制对可下载文件的访问
- 如何在 Symfony2 中正确使用 webSockets 2021-01-01
- Laravel 5:Model.php 中的 MassAssignmentException 2021-01-01
- 如何使用 Google API 在团队云端硬盘中创建文件夹? 2022-01-01
- Oracle 即时客户端 DYLD_LIBRARY_PATH 错误 2022-01-01
- PHP foreach() 与数组中的数组? 2022-01-01
- 覆盖 Magento 社区模块控制器的问题 2022-01-01
- PHP - if 语句中的倒序 2021-01-01
- 使用 GD 和 libjpeg 支持编译 PHP 2022-01-01
- 如何从数据库中获取数据以在 laravel 中查看页面? 2022-01-01
- openssl_digest vs hash vs hash_hmac?盐与盐的区别HMAC? 2022-01-01
