.htaccess - htaccess - disallow direct access to all files except logged in users (PHP) -


using .htacess (deny all) - possible allow users logged in system directly access files? if makes difference site built drupal (php). if possible ideally ideally check user's role well.

you cannot .htaccess alone. need is:

  1. deny file access all
  2. have "file provider" script allows file passthrough after authentication.

example:

proxy.php

<?php  $proxieddirectory = "./files/"; //whatever directory blocked access is. $filename = isset($_get["fn"])?$_get["fn"]:null;  if ($filename === null || !file_exists($proxieddirectory.$filename)) {     http_response_code(404);     exit; }  if (!user_is_authenticated()) { //not real method, use own check     http_response_code(403);     exit; }   $fp = fopen($proxieddirectory.$filename, 'rb');  header("content-type: image/???"); //may need determine mime type somehow header("content-length: " . filesize($proxieddirectory.$filename));  fpassthru($fp); exit;

and you'd use via:

http://example.com/proxy.php?fn=filename.txt


-

Comments

Post a Comment

Popular posts from this blog

c++ - CPP, 'X' button listener -

i'm writing cpp program, , want execute function when 'x'(shut down) button pressed. for example, have infinite loop prints same thing everytime iterates, until 'x' button pressed, , want execute function before process ends. is there kind of listener matter? or other solution maybe (like delaying process shut down few seconds or something)? thanks! if want execute before process ends, can register std::atexit handler. function called before process exits.
Read more

.net - Bulk insert via Dapper is slower than inserting rows one-by-one -

i'm using dapper insert data realtime feed sql server, care performance. recently, noticed strange. out of box, if give dapper collection , insert query, fires insert statements each element. tests show can insert 1800 objects 12 fields in 1 second way (counting connection.execute(...) running time. now, didn't find batch insert functionality in dapper , implemented own (constructing parameter list , sql query). after that, found out can insert 1 batch in 3 seconds (which limited 1000 rows) (again, counting connection.execute(...) calls. so, makes batching 6 times slower sending each row in separate query. can explain me? thought people use batch operations speed process. insert time 1 second @ most. use sql server 2012 standard on local network. table i'm inserting has clustered index on primary key (which bigint field), no non-clustered indexes , triggers. can post code, there's nothing special i'm not sure why using dapper execute extension ...
Read more

shared memory - gstreamer shmsrc and shmsink with h264 data -

i trying share h264 encoded data gstreamer 2 processes(both based on gstreamer).after research way found use shm plugin. trying do gstreamer--->h264 encoder--->shmsink shmrc--->process1 shmrc--->process2 i able raw data videotestsrc , webcam working. h264 encoded data doesn't. test pipeline gst-launch-1.0 videotestsrc ! video/x-raw,width=640,height=480,format=yuy2 ! x264enc ! shmsink socket-path=/tmp/foo sync=true wait-for- connection=false shm-size=10000000 gst-launch-1.0 shmsrc socket-path=/tmp/foo ! avdec_h264 ! video/x- raw,width=640,height=480,framerate=25/1,format=yuy2 ! autovideosink have tried shm plugins h264 encoded data, please help iam not aware of capabilities of sink used in "autovideosink", per knowledge either need use videoconvert if format supported sink (like kmssink or ximagesink) different provided source (in case yuy2) or use videoparse if camera format supported sink. may check using gst-inspect-1...
Read more