Manual of PHP

  
 
 

Web map

  
rim   rim
arrowReady frontarrow of Codes PHParrow to Protect You Discharge into PHP

 

To protect You Discharge into PHP To print E-mail

Often, from another web page, they connect straight to a file of our servant, this overloads nuesto band without bringing any benefit, to avoid it we can take some measures at the time of sending the file.

Comprovar the modality
We can restrict to that it is possible only to unload the file when one comes from a certain page, this would be effective if there were no users who navigate behind proxys that eliminate the modality, in this case none of these users might unload neither the file or that was coming from the correct page.

To use a cookie
In my opinion this method is more effective, we will keep a cookie on the page where we place the linkage towards our discharge, this way then we will be able to verify that préviamente it has passed for this page, that is to say, that the discharge is authorized:

<? php
//This has to be at the beginning of

//quite of the document before sending nothing
//to the navigator (not even a space)
//otherwise we will have an error
setcookie (it 'discharges', '1');
?>

Then we will place the file to be unloaded in a secret folder which we will name aleatório so that it is not easy to find, for example 23hi938fdfgh39, and will create the following file:

descargar.php

<? php
//We indicate the name of the directório
it defines ('dir', '23hi938fdfgh39');
//Comprovamos that the cookie exists
if ($_COOKIE ['discharge] == '1') {
//If the cookie exists we try
  //to read the file
$archivo = $_GET [I 'file'];
  if (file_exists (dir. '/'. $archivo)) {
//If the file exists we send it
header ('Content-Type: application/octet-stream');
header ('Content-Disposition: attachment; filename ='. $archivo);
    I begin file_get_contents (dir. '/'. $archivo);
  } else {
//But the file exists we send
    //an error 404
header ('HTTP/1.0 404 Not Found');
    I begin '<h1> ERROR </h1> <br/> not h',
'to found the file the sun',
'icitado';
  }
} else {
//But there is cookie we send an error
  //401
header ('HTTP/1.0 401 Unauthorized');
  I begin '<h1> ERROR </h1> <br/> you cannot',
'to gain access to this file from',
'an external servant';
}
?>

Then from the page where we have created the cookie we can call to unload the file doing a linkage hácia descargar.php?archivo=NOMBRE.ZIP, for example:

<to href = "descargar.php?archivo=chat.zip"> to Discharge </to>

And with this simple method we will have protected our files of the external discharge by means of cookies.

Article for courteousness of Eloi of St Martin
www.programacionweb.net

 

  
Front
Chapters of the Manual of PHP
Introduction to PHP
Variables
My First Script PHP
Operators in PHP
Structures of Control
Functions in PHP
Code inclusion
Counterfoils (array)
Chains of Characters
Classes
Dates
Entry and Exit
Operations with Files
The language SQL and PHP
Connection with MySQL
Meetings
Forms with PHP
To practise in line
List of practices in line
FAQ
Frequent questions
Codes PHP
List of Codes PHP
Forums
Forums PHP
Other Manuals
Manuals of other languages
 
   
 
 
MySpaceScripts.info - Sitemap - Contact us - Sitemap - Contact us - Sitemap - Contact us

Used Jeep , grout color sealing , bílé víno , Hotels Booking , suché víno , hollywood gossips , Reklama internetowa