php - URL Rewriting to Privately Access Files -

-

i'm trying build simple website going let users upload files, , privately share them other designated users. problem is: don't want able type in url file able (then see it).

i decided try using .htaccess prevent direct url access, however, cannot figure out how access file myself. of uploaded files going go subfolder called "restricted".

my ".htaccess" file is:

rewriteengine on rewritecond {%query_string} !^.*key=secret.*$ [nc] rewriterule ^restricted/(.*)$ showfile.php?file=$1

my "showfile.php" file:

<?php echo file_get_contents('[...]/restricted/'.$_get['file'].'?key=secret'); ?>

however, when open "restricted/test.txt" or other file in restricted folder, redirects "showfile.php?file=test.txt", however, php error:

warning: file_get_contents([...]/restricted/test.txt?key=secret) [function.file-get-contents]: failed open stream: no such file or directory in [...]/showfile.php on line 10

it seems though query string contains "key=secret", still trying redirect.

what want: want redirect on direct url access, can access through php page it's redirected to.

if want access file http resource instead of direct disk access (like in question), can following:

code in .htaccess (placed "nonpublic_test" folder):

rewriteengine on rewritecond %{request_uri} ^.*/restricted/.*$ [nc] rewritecond %{query_string} !^.*key=secret.*$ [nc] rewriterule ^(.*)$ /$1 [r=403,l]

then in showfile.php:

<?php echo file_get_contents('http://www.domain.name.here/restricted/'.$_get['file'].'?key=secret'); ?>

this prevent access restricted folder , contents still allow showfile.php script access file inside folder , output it.


Comments

Post a Comment

Popular posts from this blog

html - Firefox flex bug applied to buttons? -

-
i'm trying apply flex button on firefox i'm having problem on chrome doesn't happens. this css: .button { display: inline-flex; align-items: center; } as can see in fiddle, "caret" word moved new line, happens if element <button> tag, <div> works expected. http://codepen.io/anon/pen/xblmgx is firefox bug or there css i'm missing? nevermind, looks "mr firefox" doesn't idea... <button> not implementable (by browsers) in pure css, bit of black box, perspective of css. means don't react in same way e.g. <div> would. this isn't specific flexbox -- e.g. don't render scrollbars if put "overflow:scroll" on button, , don't render table if put "display:table" on it. stepping further, isn't specific <button> . consider <fieldset> , <table> have special rendering behavior: data:text/html,<fieldset style="d...
Read more

html - Missing border-right in select on Firefox -

-
Image
when put select div width , padding-left, options have no border on right. more, happend if select have width 118px , parent have 15px of padding left! have idea, going on? my code: <!doctype html> <html> <head lang="en"> </head> <body> <div style="width: 1000px; padding-left: 15px;"> <select style="width: 118px;"> <option>a</option> <option>b</option> <option>c</option> </select> </div> </body> </html> and result: here plunker: click it happend on firefox on windows. tested on 40.0.2 version -webkit-box-sizing: border-box; -moz-box-sizing: border-box; -ms-box-sizing: border-box; box-sizing: border-box; source: https://stackoverflow.com/a/11390432/4431269 source of problem: https://bugzilla.mozilla.org/show_bug.cgi?id=924068 and use of google ! edit: (source of problem, explained) after rea...
Read more

python - build a suggestions list using fuzzywuzzy -

-
i building suggestion engine database. i'm using fuzzywuzzy module match user input string existing database shown below. if request.method == "get": display_dict = {} user_input = request.get["user_input"] # user input match_dict = {} food_items_obj = food_items.objects.all() # fetch objects table items in food_items_obj : match = fuzz.ratio(user_input.lower(),items.name.lower()) # try match user input existing names match_dict[match] = items.name # put 1 dictionary matched_dict = ordereddict(sorted(match_dict.items(),reverse = true)) # sort dictionary if max(matched_dict.keys()) == 100: # if exact match put in dict , return display_dict[100] = matched_dict[100] else : # if not found try best matching words.. ###########this part need help! ############# k,v in matched_dict.items(): if user_input in v : display_dict[k]...
Read more