php smartreadfile_PHP: readfile - Manual

最新推荐文章于 2023-06-09 16:56:22 发布

左耳余音

最新推荐文章于 2023-06-09 16:56:22 发布

阅读量62

点赞数

文章标签： php smartreadfile

本文链接：https://blog.csdn.net/weixin_34293588/article/details/112054647

版权

Using pieces of the forced download script, adding in MySQL database functions, and hiding the file location for security was what we needed for downloading wmv files from our members creations without prompting Media player as well as secure the file itself and use only database queries. Something to the effect below, very customizable for private access, remote files, and keeping order of your online media.

# Protect Script against SQL-Injections

$fileid=intval($_GET[id]);

# setup SQL statement

$sql = " SELECT id, fileurl, filename, filesize FROM ibf_movies WHERE id=' $fileid' ";

# execute SQL statement

$res = mysql_query($sql);

# display results

while ($row = mysql_fetch_array($res)) {

$fileurl = $row['fileurl'];

$filename= $row['filename'];

$filesize= $row['filesize'];

$file_extension = strtolower(substr(strrchr($filename,"."),1));

switch ($file_extension) {

case "wmv": $ctype="video/x-ms-wmv"; break;

default: $ctype="application/force-download";

}

// required for IE, otherwise Content-disposition is ignored

if(ini_get('zlib.output_compression'))

ini_set('zlib.output_compression', 'Off');

header("Pragma: public");

header("Expires: 0");

header("Cache-Control: must-revalidate, post-check=0, pre-check=0");

header("Cache-Control: private",false);

header("Content-Type: video/x-ms-wmv");

header("Content-Type: $ctype");

header("Content-Disposition: attachment; filename=\"".basename($filename)."\";");

header("Content-Transfer-Encoding: binary");

header("Content-Length: ".@filesize($filename));

set_time_limit(0);

@readfile("$fileurl") or die("File not found.");

}

$donwloaded = "downloads + 1";

if ($_GET["hit"]) {

mysql_query("UPDATE ibf_movies SET downloads = $donwloaded WHERE id=' $fileid'");

}

While at it I added into download.php a hit (download) counter. Of course you need to setup the DB, table, and columns. Email me for Full setup// Session marker is also a security/logging option

Used in the context of linking:

http://www.yourdomain.com/download.php?id=xx&hit=1

[Edited by sp@php.net: Added Protection against SQL-Injection]

左耳余音

关注

0
点赞
踩
0

收藏

觉得还不错? 一键收藏
0
评论
php smartreadfile_PHP: readfile - Manual

Using pieces of the forced download script, adding in MySQL database functions, and hiding the file location for security was what we needed for downloading wmv files from our members creations withou...
复制链接

扫一扫