Welcome to OStack Knowledge Sharing Community for programmer and developer-Open, Learning and Share
Welcome To Ask or Share your Answers For Others

Categories

0 votes
319 views
in Technique[技术] by (71.8m points)

php - How to password protect files (images, video, zip) dynamically from public and allow access to members only?

It's a common problem, solved many times, but for some reason i cannot find the right information.

Some constraints and requirements:

  • Technique for LAMP stack.
  • Fine-grained control of which files are accessible.
  • No basic authentication with htpasswd files, i want to provide a custom login frontend.
  • Should be able to securely protect and serve big video files

How do all those sites protect their files from public without using basic authentication?

Thanks!

A similar question: Performance-oriented way to protect files on PHP level?

See Question&Answers more detail:os

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome To Ask or Share your Answers For Others

1 Answer

0 votes
by (71.8m points)

You would usually redirect any requests for the media files to a PHP script. The PHP script does the login authentication, and on success, loads the requested media file from a protected location, and passes it through to the browser, for example using fpassthru() or fread().

You can set up a very elegant solution using a set of mod_rewrite instructions, for example rewriting

www.example.com/media/music.mp3

internally to

www.example.com/media/index.php?file=music.mp3

the method is not cheap, as the PHP interpreter has to be started for every download, and pass through every byte of the file. For a discussion of possible alternatives, I asked a question about that a few months back: Performance-oriented way to protect files on PHP level?


与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome to OStack Knowledge Sharing Community for programmer and developer-Open, Learning and Share
Click Here to Ask a Question

...