实现php文件安全下载

实现php文件安全下载！

public function down(){

           $file_name = $_REQUEST['file'];
           $file_dir = "/目录/";
           $dir = $_SERVER['DOCUMENT_ROOT'];
           $path = $dir . $file_dir . $file_name; //要写绝对路径。不能写相对路径
            
            if (!file_exists($path)) { //检查文件是否存在
            echo "<meta http-equiv='Content-Type'' content='text/html; charset=utf-8'>";
            echo "文件找不到";
            exit;
            } else {
            $file = fopen($path,"r"); // 打开文件
            // 输入文件标签
            Header("Pragma: public");
            Header("Expires: 0");
            Header("Cache-Control: must-revalidate, post-check=0, pre-check=0");
            Header("Cache-Control: public");
            Header("Content-Description: File Transfer");
            Header("Content-type: application/octet-stream");
            Header("Accept-Ranges: bytes");
            Header("Accept-Length: ".filesize($path));
            Header("Content-Disposition: attachment; filename=" . $file_name);
            // 输出文件内容
 
           echo fread($file,filesize($path));
          
            fclose($file);
            exit();
            }

}