該腳本將處理文件的下載,它包括一個緩衝/不同類型的分機(如果你願意的話)。隱藏鏈接的好方法是將文件放在受保護的目錄中,並將鏈接存儲在數據庫中。用戶看到與文件綁定的ID或會話,服務器找到並提供文件。
if ($fd = fopen ($fullPath, "r")) {
$fsize = filesize($fullPath);
$path_parts = pathinfo($fullPath);
$ext = strtolower($path_parts["extension"]);
switch ($ext) {
case "txt":
header("Content-type: application/txt"); // add here more headers for diff. extensions
header("Content-Disposition: attachment; filename=\"".$path_parts["basename"]."\""); // use 'attachment' to force a download
break;
default:
header("Content-type: application/octet-stream");
header("Content-Disposition: attachment; filename=\"".$path_parts["basename"]."\"");
}
header("Content-length: $fsize");
header("Cache-control: private"); //use this to open files directly
while(!feof($fd)) {
$buffer = fread($fd, 2048);
echo $buffer;
}
}
fclose ($fd);
的.htaccess保護目錄(你應該有一個目錄只有這些文件
deny from all
上面的腳本修改爲你的:
$file = "../".$realFileName;
$fakeFileName= 'Upbaz.ir-'.base64_decode($_GET['ffname']);
if ($fd = fopen ($file, "r")) {
$fsize = filesize($file);
header("Content-type: application/octet-stream");
header("Content-Disposition: attachment; filename=\"$fakename\"");
header("Content-length: $fsize");
header("Cache-control: private"); //use this to open files directly
while(!feof($fd)) {
$buffer = fread($fd, 2048);
echo $buffer;
}
}
fclose ($fd);
我必須在服務器上安裝patchinfo,因爲我現在沒有它 – 2013-02-21 17:00:52
[pathinfo](http://php.net/manual/en/function.pathinfo.php)是一個內置的PHP函數,你真的需要Ť他的文件有不同的名稱,或僅僅是爲了保護他們找到真正的文件? – UnholyRanger 2013-02-21 17:02:21
和它的類似我的代碼沒有不同...你確定我沒有打破與此下載? – 2013-02-21 17:03:39