How to limit file downloads on PHP server?

How to limit file downloads on PHP server?

When developing a website or application, sometimes we need to restrict users from downloading specific files. This restriction is typically used to protect sensitive information or premium content and ensure users comply with the terms of service. On the PHP server, we can implement file download restrictions through some simple methods. In this article, we will discuss how to limit file downloads on a PHP server and provide specific code examples.

The first method is to limit file downloads by using PHP's header() function. The header() function is used to send original HTTP header information, and you can limit file downloads by setting the Content-Disposition header. The specific code example is as follows:

<?php
$file = 'example.pdf'; // 要下载的文件名

// 判断用户是否已登录或具有下载权限
if ($user_logged_in && $user_has_download_permission) {
    header('Content-Description: File Transfer');
    header('Content-Type: application/pdf'); // 设置文件类型
    header('Content-Disposition: attachment; filename="'.basename($file).'"'); // 设置下载文件名
    header('Expires: 0');
    header('Cache-Control: must-revalidate');
    header('Pragma: public');
    header('Content-Length: ' . filesize($file)); // 设置文件大小
    readfile($file); // 输出文件内容
    exit;
} else {
    echo '您没有下载权限';
}
?>

In the above example, we first determine whether the user is logged in and has download permission. If the user meets the conditions, we set the Content-Disposition header to tell the browser to download the file as an attachment. We then output the file contents and exit the script. If the user does not have download permission, we output a message telling the user that they cannot download the file.

Another method is to implement file download restrictions by using .htaccess files. Create a file called .htaccess on the server and add the following code:

<Files "example.pdf">
    Order Deny,Allow
    Deny from all
</Files>

The above code will prevent users from directly accessing the example.pdf file. If a user attempts to access the file directly, they will receive a 403 Forbidden error message. You can add more file limits as needed.

In general, restricting file downloads can help us protect sensitive information and paid content and ensure that users comply with the terms of service. Whether through PHP's header() function or through the .htaccess file, we can easily implement file download restrictions. When using these methods, be sure to test carefully and take user experience into consideration to ensure users are properly accessing the files they have permission to download.

The above is the detailed content of How to limit file downloads on PHP server?. For more information, please follow other related articles on the PHP Chinese website!