我目前正在使用此代码隐藏下载链接,但它为一些用户提供了未完成的下载。我不知道为什么,但是有太多的用户向我报告了这个问题。我当前的代码是:
file = "../".$realFileName;
$fakeFileName= 'Upbaz.ir-'.base64_decode($_GET['ffname']);
$fp = fopen($file, 'rb');
header("Content-Type: application/octet-stream");
header("Content-Disposition: attachment; filename=$fakeFileName");
header("Content-Length: " . filesize($file));
fpassthru($fp);
有人知道隐藏下载链接的其他方法吗?
这个脚本将处理文件的下载,它包括一个缓冲区/不同的文本类型(如果您愿意的话)。隐藏链接的一个好方法是将文件放在受保护的目录中,并将链接存储在数据库中。用户看到一个ID或一个与文件绑定的会话,服务器找到该文件并为其提供服务
if ($fd = fopen ($fullPath, "r")) {
$fsize = filesize($fullPath);
$path_parts = pathinfo($fullPath);
$ext = strtolower($path_parts["extension"]);
switch ($ext) {
case "txt":
header("Content-type: application/txt"); // add here more headers for diff. extensions
header("Content-Disposition: attachment; filename='"".$path_parts["basename"]."'""); // use 'attachment' to force a download
break;
default:
header("Content-type: application/octet-stream");
header("Content-Disposition: attachment; filename='"".$path_parts["basename"]."'"");
}
header("Content-length: $fsize");
header("Cache-control: private"); //use this to open files directly
while(!feof($fd)) {
$buffer = fread($fd, 2048);
echo $buffer;
}
}
fclose ($fd);
.htaccess来保护目录(您应该有一个只用于这些文件的目录
deny from all
以上脚本修改为您的:
$file = "../".$realFileName;
$fakeFileName= 'Upbaz.ir-'.base64_decode($_GET['ffname']);
if ($fd = fopen ($file, "r")) {
$fsize = filesize($file);
header("Content-type: application/octet-stream");
header("Content-Disposition: attachment; filename='"$fakename'"");
header("Content-length: $fsize");
header("Cache-control: private"); //use this to open files directly
while(!feof($fd)) {
$buffer = fread($fd, 2048);
echo $buffer;
}
}
fclose ($fd);
增加脚本运行eq 的时间
@set_time_limit(120);