What I'm Doing:
I basically need to create a website secured by a login page written in PHP that once logged in, you have a search bar that reads i
You can do it this way: write a resource server in PHP like this:
image.php?requestid=.....
In that file you get the requestid and read the actual link (local link) from the database, read the image file, then output the data to the browser:
$id = $_GET['requestid'];
$link = get_local_link_from_id($id); // return /images/file1.png......
$data = file_get_contents($link);    // read the image file from the local path
header('Content-Type: image/png');   // header() takes a single "Name: value" string
echo $data;
But I think you should not do that; just rename the files randomly and create a lot of them....
A recommended way of handling file downloads via PHP (or any other script) is by using the so-called 'X-Sendfile' response header.
The PHP script handles the authentication and once validated it will set a few response headers together with an 'X-Sendfile' that tells the web server to deliver a file; the script ends and the web server takes over.
See here for a simple example:
http://www.jasny.net/articles/how-i-php-x-sendfile/
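The flow described in this answer, as an added example that is not taken from the linked article or from any poster in this thread. It assumes a web server with X-Sendfile support enabled (for example Apache with mod_xsendfile); the catalog, the `user_id` session key and the `/srv/private-files` directory are hypothetical stand-ins for the database lookup, the login page's session data and a storage directory outside the web root.

```php
<?php
declare(strict_types=1);

// Constructed catalog standing in for the database: opaque id => file name and owner.
const CATALOG = [
    'a1f3' => ['file' => 'report-2023.pdf', 'owner' => 42],
    'b7c9' => ['file' => 'invoice-17.pdf',  'owner' => 7],
];

// Decide what to send for a request. Returns [HTTP status, list of header lines].
function build_download_response(?int $userId, string $requestId, string $baseDir): array
{
    if ($userId === null) {
        return [401, []];                        // not logged in
    }
    $entry = CATALOG[$requestId] ?? null;
    if ($entry === null || $entry['owner'] !== $userId) {
        return [404, []];                        // unknown id, or not this user's file
    }
    // Resolve symlinks and ".." and confirm the file still sits under $baseDir.
    $base = realpath($baseDir);
    $path = realpath($baseDir . '/' . $entry['file']);
    if ($base === false || $path === false
        || strncmp($path, $base . DIRECTORY_SEPARATOR, strlen($base) + 1) !== 0) {
        return [404, []];
    }
    return [200, [
        'Content-Type: application/octet-stream',
        'Content-Disposition: attachment; filename="' . basename($path) . '"',
        'X-Sendfile: ' . $path,                  // web server delivers the file after the script ends
    ]];
}

// Emit the response only when served over HTTP, so the function stays callable from the CLI.
if (PHP_SAPI !== 'cli') {
    session_start();
    $userId = isset($_SESSION['user_id']) ? (int) $_SESSION['user_id'] : null; // assumed session key
    $requestId = is_string($_GET['requestid'] ?? null) ? $_GET['requestid'] : '';
    [$status, $headers] = build_download_response($userId, $requestId, '/srv/private-files');
    http_response_code($status);
    foreach ($headers as $line) {
        header($line);
    }
}
```

A request for another user's file gets the same 404 as an unknown id, so the response does not reveal which ids exist.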
this may be overkill for your situation, but this is how i am thinking about doing it on an app i am developing:
first, there are 4 servers, a web server, a middleware server, and a data server
when someone sends a request to the web server, the web server connects to the middleware server and requests the file, passing along the user credential like a session key and the file requested. the middleware connects to the db and validates the session and that user's privileges to that file. it will return either an error, or the binary data if they have access. if you turn off output buffering on both the web server and the middleware server, you can send 100k blocks from the middleware server to the web server, and the web server will output the first block while it's receiving the second block.
the file itself can be stored on the database server via ftp, sftp, or other filesharing
it's definitely not as efficient as using x-sendfile, but if someone is able to pwn your web server, they will still not have access to the file - in the scenarios above, they would. the web server is the only public server, so the rest of the servers should be connected on a private network.
you can also send the data to an encryption server that will encrypt/decrypt the actual file data
if anyone has any ideas on how to improve on this, i am interested.