PHP防盗链外部资源下载处理类
以下是自写的简单的PHP防盗链处理类(重新整理编写成类文件,以便后期改进);
/**
*
* 防盗链外部资源下载处理类
*/
class BurglarDow{
/**
* 初始许可下载状态
* @var allow
* @access private
*/
private $allow = false;
/**
* 初始下载地址
* @var dowUrl
* @access private
*/
private $dowUrl = null;
/**
* 初始来路域名
* @var RemoteUrl
* @access private
*/
private $RemoteUrl = null;
/**
* 初始许可资源取用域名列表
* @var allowUrl
* @access private
*/
private $allowUrl = array();
/**
* 初始转跳地址
* @var Location
* @access private
*/
private $Location = null;
public function __construct($dowUrl,$Location,array $allowUrl){
// 初始下载地址
$this->dowUrl = $dowUrl;
// 初始许可资源取用域名列表
$this->allowUrl = $allowUrl;
// 初始转跳地址
$this->Location = $Location;
$this->RemoteUrl = @parse_url($_SERVER['HTTP_REFERER']); // 获取来路域名
if(!is_array($this->RemoteUrl))
header("HTTP/1.1 301 Moved Permanently");
header("Location: ".$this->Location);
if(isset($this->RemoteUrl['host'])){
if(in_array($this->RemoteUrl['host'],$this->allowUrl)){ // 判断是否来至许可域名
$this->allow = true; // 下载许可状态为:真
}
}
unset($this->allowUrl,$this->RemoteUrl); // 释放内存变量
}
/**
* 防盗链资源下载
* @access public
* @return mixed
*/
public function dow(){
$FileInfo = get_headers($this->dowUrl,1); // 获取远程文件头部信息
if(true === $this->allow){ // 判断是否许可下载资源
//判断配置文件是否存在
if(is_file('Config.ini')){
$FileCon = parse_ini_file('Config.ini');
}else{
$FileName = basename($FileInfo['Content-Location']);
$FileConStr = "FileName = {$FileName}\r\nFileUrl = {$FileInfo['Content-Location']}\r\nFileSize = {$FileInfo['Content-Length']}";
$handle = fopen ('Config.ini', "wb"); // Config.ini文件不存在则创建文件
if (fwrite ($handle, $FileConStr) == FALSE) { // 数据写入文件
echo "File creation failed ...";
}
fclose ($handle); // 关闭一个已打开的文件指针
$FileCon = parse_ini_file('Config.ini');
}
if(!empty($$this->dowUrl)){
$fp = @fopen($$this->dowUrl, "rb"); // 二进制模式读取文件
if (!$fp)
exit("Download a mistake.\n\n");
// 输出远程资源
header("Content-type:text/html;charset=utf-8");
header('Content-Description: File Transfer');
header('Content-Type: application/octet-stream');
header('Content-Disposition: attachment; filename='.$FileCon['FileName']);
header("Accept-Ranges: bytes");
header('Content-Transfer-Encoding: binary');
header('Expires: 0');
header('Cache-Control:must-revalidate,post-check=0,pre-check=0');
header('Pragma: public');
header('Content-Length: '.$FileCon['FileSize']);
while (!feof($fp)){
set_time_limit(0); // 设置文件最长执行时间
echo fread($fp, 1024); // 输出文件
flush(); // 输出缓冲
ob_flush(); // 输出缓冲区中的内容
}
fclose($fp);
}else{
header("HTTP/1.1 404 Not Found");
}
}else{
header("HTTP/1.1 301 Moved Permanently");
header("Location: ".$this->Location);
}
}
}
// 远程资源地址
$dowUrl = 'http://dldir1.qq.com/qqfile/qq/QQ5.1/10055/QQ5.1.exe';
// 转跳地址
$Location = 'http://www.scutephp.com';
// 许可来路域名列表
$allowUrl = array(
'blog.emtalk.net',
);
$BurglarDow = new BurglarDow($dowUrl,$Location,$allowUrl);
$BurglarDow -> dow();
Explain the concept of a PHP session in simple terms.Apr 26, 2025 am 12:09 AMPHPsessionstrackuserdataacrossmultiplepagerequestsusingauniqueIDstoredinacookie.Here'showtomanagethemeffectively:1)Startasessionwithsession_start()andstoredatain$_SESSION.2)RegeneratethesessionIDafterloginwithsession_regenerate_id(true)topreventsessi
How do you loop through all the values stored in a PHP session?Apr 26, 2025 am 12:06 AMIn PHP, iterating through session data can be achieved through the following steps: 1. Start the session using session_start(). 2. Iterate through foreach loop through all key-value pairs in the $_SESSION array. 3. When processing complex data structures, use is_array() or is_object() functions and use print_r() to output detailed information. 4. When optimizing traversal, paging can be used to avoid processing large amounts of data at one time. This will help you manage and use PHP session data more efficiently in your actual project.
Explain how to use sessions for user authentication.Apr 26, 2025 am 12:04 AMThe session realizes user authentication through the server-side state management mechanism. 1) Session creation and generation of unique IDs, 2) IDs are passed through cookies, 3) Server stores and accesses session data through IDs, 4) User authentication and status management are realized, improving application security and user experience.
Give an example of how to store a user's name in a PHP session.Apr 26, 2025 am 12:03 AMTostoreauser'snameinaPHPsession,startthesessionwithsession_start(),thenassignthenameto$_SESSION['username'].1)Usesession_start()toinitializethesession.2)Assigntheuser'snameto$_SESSION['username'].Thisallowsyoutoaccessthenameacrossmultiplepages,enhanc
What are some common problems that can cause PHP sessions to fail?Apr 25, 2025 am 12:16 AMReasons for PHPSession failure include configuration errors, cookie issues, and session expiration. 1. Configuration error: Check and set the correct session.save_path. 2.Cookie problem: Make sure the cookie is set correctly. 3.Session expires: Adjust session.gc_maxlifetime value to extend session time.
How do you debug session-related issues in PHP?Apr 25, 2025 am 12:12 AMMethods to debug session problems in PHP include: 1. Check whether the session is started correctly; 2. Verify the delivery of the session ID; 3. Check the storage and reading of session data; 4. Check the server configuration. By outputting session ID and data, viewing session file content, etc., you can effectively diagnose and solve session-related problems.
What happens if session_start() is called multiple times?Apr 25, 2025 am 12:06 AMMultiple calls to session_start() will result in warning messages and possible data overwrites. 1) PHP will issue a warning, prompting that the session has been started. 2) It may cause unexpected overwriting of session data. 3) Use session_status() to check the session status to avoid repeated calls.
How do you configure the session lifetime in PHP?Apr 25, 2025 am 12:05 AMConfiguring the session lifecycle in PHP can be achieved by setting session.gc_maxlifetime and session.cookie_lifetime. 1) session.gc_maxlifetime controls the survival time of server-side session data, 2) session.cookie_lifetime controls the life cycle of client cookies. When set to 0, the cookie expires when the browser is closed.
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
Video Face Swap
Swap faces in any video effortlessly with our completely free AI face swap tool!
Hot Article
Hot Tools
SecLists
SecLists is the ultimate security tester's companion. It is a collection of various types of lists that are frequently used during security assessments, all in one place. SecLists helps make security testing more efficient and productive by conveniently providing all the lists a security tester might need. List types include usernames, passwords, URLs, fuzzing payloads, sensitive data patterns, web shells, and more. The tester can simply pull this repository onto a new test machine and he will have access to every type of list he needs.
Zend Studio 13.0.1
Powerful PHP integrated development environment
VSCode Windows 64-bit Download
A free and powerful IDE editor launched by Microsoft
MantisBT
Mantis is an easy-to-deploy web-based defect tracking tool designed to aid in product defect tracking. It requires PHP, MySQL and a web server. Check out our demo and hosting services.
Notepad++7.3.1
Easy-to-use and free code editor
