BlackStar1991
Asked: 2024-01-24 04:33:10 +0000 UTC

WP: file access by password?


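Please tell me how to organize access to a file in WordPress, but only after a specific action has been performed? Let's say, after a password is entered on a page.

Say there is a user who has some role on the site, then pays for a service and, let's say, receives a password for downloading a certain file from the site's server. Suppose the file is Comics.pdf. How can this be organized? Something like a file at /uploads/2024/01/comics.pdf that is locked against indexing and third-party access, but if the user has the key, they get the opportunity to download the file.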

wordpress
2 answers
  1. Best Answer
    KAGG Design
    2024-01-25T16:54:02Z

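    There are plugins like Easy Digital Downloads, which provide a virtual link and control who accesses it and how many times. After verification, they serve the file through this link. Everything is there, including payment.

    If you need to do it with your own code, then the database must have your own table containing the mapping between virtual links and real files. Access to the real files must be denied. Your code intercepts all virtual links, checks permissions, looks in the table and sends the file.

    Below is an example of a class for handling virtual links and counting the number of downloads. You can add a user permission check to it.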

    <?php
    /**
     * Class to hide file download links and count download number.
     *
     * @package kagg-downloader
     */
    
    /**
     * Class Downloader.
     *
     * Requires the following table in database:
     *
     * CREATE TABLE `wp_downloads` (
     * `id` bigint(20) UNSIGNED NOT NULL AUTO_INCREMENT,
     * `url` varchar(355) CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci NOT NULL DEFAULT '',
     * `download_link` varchar(100) CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci NOT NULL DEFAULT '',
     * `count` bigint(20) UNSIGNED NOT NULL DEFAULT '0',
     * PRIMARY KEY (`id`)
     * ) ENGINE=InnoDB DEFAULT CHARSET=utf8;
     */
    class Downloader {
    
        /**
         * Class table name.
         */
        private const TABLE = 'downloads';
    
        /**
         * Full table name, including the $wpdb prefix.
         *
         * @var string $table
         */
        protected static string $table;
    
        /**
         * Base of download links.
         *
         * @var string $link_base
         */
        protected static string $link_base = '/downloads/';
    
        /**
         * Downloader constructor.
         */
        public function __construct() {
            global $wpdb;
    
            self::$table = $wpdb->prefix . self::TABLE;
            add_action( 'init', [ $this, 'rewrite_download_link' ] );
        }
    
        /**
         * Get download link from url.
         *
         * @param string $url Download URL.
         *
         * @return string
         */
        public static function get_link( string $url ): string {
            global $wpdb;
    
            $table = $wpdb->prefix . self::TABLE;
    
            // phpcs:disable WordPress.DB.DirectDatabaseQuery.DirectQuery, WordPress.DB.DirectDatabaseQuery.NoCaching
            $record = $wpdb->get_row(
            // phpcs:ignore WordPress.DB.PreparedSQL.InterpolatedNotPrepared
                $wpdb->prepare( "SELECT download_link FROM $table WHERE url = %s", $url )
            );
    
            // phpcs:enable WordPress.DB.DirectDatabaseQuery.DirectQuery, WordPress.DB.DirectDatabaseQuery.NoCaching
    
            return $record->download_link ?? '';
        }
    
        /**
         * Get url from download link.
         *
         * @param string $download_link Download link.
         *
         * @return string
         */
        public static function get_url( string $download_link ): string {
            global $wpdb;
    
            $table = $wpdb->prefix . self::TABLE;
    
            // phpcs:disable WordPress.DB.DirectDatabaseQuery.DirectQuery, WordPress.DB.DirectDatabaseQuery.NoCaching
            $record = $wpdb->get_row(
            // phpcs:ignore WordPress.DB.PreparedSQL.InterpolatedNotPrepared
                $wpdb->prepare( "SELECT url FROM $table WHERE download_link = %s", $download_link )
            );
    
            // phpcs:enable WordPress.DB.DirectDatabaseQuery.DirectQuery, WordPress.DB.DirectDatabaseQuery.NoCaching
    
            return $record->url ?? '';
        }
    
        /**
         * Get download count.
         *
         * @param string $url Download URL.
         *
         * @return int
         */
        public static function get_count( string $url ): int {
            global $wpdb;
    
            $table = $wpdb->prefix . self::TABLE;
    
            // phpcs:disable WordPress.DB.DirectDatabaseQuery.DirectQuery, WordPress.DB.DirectDatabaseQuery.NoCaching
            $record = $wpdb->get_row(
            // phpcs:ignore WordPress.DB.PreparedSQL.InterpolatedNotPrepared
                $wpdb->prepare( "SELECT count FROM $table WHERE url = %s", $url )
            );
    
            // phpcs:enable WordPress.DB.DirectDatabaseQuery.DirectQuery, WordPress.DB.DirectDatabaseQuery.NoCaching
    
            // $wpdb returns column values as strings; cast so the int return type always holds.
            return (int) ( $record->count ?? -1 );
        }
    
        /**
         * Create new download link from $url.
         *
         * @param string $url Download URL.
         *
         * @return string
         */
        public static function create( string $url ): string {
            global $wpdb;
    
            $download_link = self::get_link( $url );
            if ( $download_link ) {
                return $download_link;
            }
    
            $download_link = self::$link_base . wp_hash( $url );
    
            $data = [
                'url'           => $url,
                'download_link' => $download_link,
            ];
    
            // phpcs:disable WordPress.DB.DirectDatabaseQuery.DirectQuery
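            // Build the table name here: self::$table is only set in the constructor,
            // and this static method may be called before any instance exists.
            $result = $wpdb->insert( $wpdb->prefix . self::TABLE, $data );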
    
            // phpcs:enable WordPress.DB.DirectDatabaseQuery.DirectQuery
    
            return $result ? $download_link : '';
        }
    
        /**
         * Rewrite download link by its url.
         * Increase download count.
         */
        public function rewrite_download_link(): void {
            $uri = '';
    
            if ( isset( $_SERVER['REQUEST_URI'] ) ) {
                $uri = filter_var( wp_unslash( $_SERVER['REQUEST_URI'] ), FILTER_SANITIZE_FULL_SPECIAL_CHARS );
            }
    
            $path = wp_parse_url( $uri, PHP_URL_PATH );
    
            if ( 0 === strpos( trailingslashit( $path ), self::$link_base ) ) {
                $download_link = untrailingslashit( $path );
                $url           = self::get_url( $download_link );
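                if ( $url ) {
                    // No permission check happens here: anyone who knows the link gets the file.
                    // Verify the current user's rights before this point.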
                    $this->increment_count( $url );
                    self::download_file( $url );
                }
            }
        }
    
        /**
         * Download file.
         *
         * @param string $url file url.
         */
        private static function download_file( string $url ): void {
            if ( ! $url ) {
                return;
            }
    
            $file_path = realpath( untrailingslashit( ABSPATH ) . wp_make_link_relative( $url ) );
    
            if ( ! $file_path ) {
                return;
            }
    
            $file_name = rawurlencode( pathinfo( $file_path, PATHINFO_FILENAME ) );
    
            $file_extension = rawurlencode( pathinfo( $file_path, PATHINFO_EXTENSION ) );
    
            $file_size = filesize( $file_path );
    
            $known_content_types = [
                'html' => 'text/html',
                'htm'  => 'text/html',
                'txt'  => 'text/plain',
                'jpg'  => 'image/jpeg',
                'jpeg' => 'image/jpeg',
                'png'  => 'image/png',
                'gif'  => 'image/gif',
                'tiff' => 'image/tiff',
                'pdf'  => 'application/pdf',
                'doc'  => 'application/msword',
                'docx' => 'application/vnd.openxmlformats-officedocument.wordprocessingml.document',
                'xls'  => 'application/vnd.ms-excel',
                'xlsx' => 'application/vnd.openxmlformats-officedocument.spreadsheetml.sheet',
                'ppt'  => 'application/vnd.ms-powerpoint',
                'pptx' => 'application/vnd.openxmlformats-officedocument.presentationml.presentation',
                'php'  => 'text/plain',
                'exe'  => 'application/octet-stream',
                'zip'  => 'application/zip',
            ];
    
            $content_type = 'application/force-download';
    
            if ( array_key_exists( $file_extension, $known_content_types ) ) {
                $content_type = $known_content_types[ $file_extension ];
            }
    
            header( 'Expires: 0' );
            header( 'Cache-Control: no-cache, no-store, must-revalidate' );
            header( 'Cache-Control: pre-check=0, post-check=0, max-age=0', false );
            header( 'Pragma: no-cache' );
            header( "Content-type: $content_type" );
            header( "Content-Disposition:attachment; filename=$file_name.$file_extension" );
            header( 'Content-Transfer-Encoding: binary' );
            header( "Content-Length: $file_size" );
    
            // phpcs:ignore WordPress.WP.AlternativeFunctions.file_system_operations_readfile
            readfile( $file_path );
            exit();
        }
    
        /**
         * Increment count.
         *
         * @param string $url Download URL.
         */
        private function increment_count( string $url ): void {
            global $wpdb;
    
            if ( ! apply_filters( 'downloader_increment_count', true, $url ) ) {
                return;
            }
    
            // Increment atomically in SQL so that concurrent downloads do not lose updates.
            // phpcs:disable WordPress.DB.DirectDatabaseQuery.DirectQuery, WordPress.DB.DirectDatabaseQuery.NoCaching
            $wpdb->query(
            // phpcs:ignore WordPress.DB.PreparedSQL.NotPrepared
                $wpdb->prepare( 'UPDATE ' . self::$table . ' SET `count` = `count` + 1 WHERE url = %s', $url )
            );
            // phpcs:enable WordPress.DB.DirectDatabaseQuery.DirectQuery, WordPress.DB.DirectDatabaseQuery.NoCaching
        }
    }
    
    • 2
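
The permission check the answer leaves to the reader could look like this, as an added example that is not part of KAGG Design's class: each `/downloads/<hash>` link is signed per user with an expiry time, and a hook at `init` priority 9 rejects the request before `Downloader::rewrite_download_link()` (priority 10) runs. The `demo_` function names and the `paid_download` capability are hypothetical.

```php
<?php
/**
 * Added example: per-user, expiring signatures for /downloads/<hash> links.
 * The demo_* names and the 'paid_download' capability are hypothetical.
 */

// Build a link that is valid for one user only, until $expires (Unix time).
function demo_sign_download_link( string $download_link, int $user_id, int $expires ): string {
	$payload = $download_link . '|' . $user_id . '|' . $expires;
	$sig     = hash_hmac( 'sha256', $payload, wp_salt( 'auth' ) );

	return add_query_arg( [ 'expires' => $expires, 'sig' => $sig ], home_url( $download_link ) );
}

// True only for a logged-in, entitled user with an unexpired, untampered signature.
function demo_download_allowed( string $download_link ): bool {
	$user_id = get_current_user_id();
	if ( ! $user_id || ! current_user_can( 'paid_download' ) ) {
		return false;
	}

	$expires = isset( $_GET['expires'] ) ? (int) $_GET['expires'] : 0;
	$sig     = isset( $_GET['sig'] ) ? sanitize_text_field( wp_unslash( $_GET['sig'] ) ) : '';
	if ( $expires < time() || '' === $sig ) {
		return false;
	}

	// Recompute over the current user's ID, so a link shared with another account fails.
	$payload  = $download_link . '|' . $user_id . '|' . $expires;
	$expected = hash_hmac( 'sha256', $payload, wp_salt( 'auth' ) );

	return hash_equals( $expected, $sig ); // Constant-time comparison.
}

// Priority 9: runs before the Downloader's own init handler and refuses early.
add_action(
	'init',
	static function () {
		$path = (string) wp_parse_url( wp_unslash( $_SERVER['REQUEST_URI'] ?? '' ), PHP_URL_PATH );
		if ( 0 !== strpos( trailingslashit( $path ), '/downloads/' ) ) {
			return; // Not a download link.
		}
		if ( ! demo_download_allowed( untrailingslashit( $path ) ) ) {
			wp_die( 'Download not permitted.', 'Forbidden', [ 'response' => 403 ] );
		}
	},
	9
);
```

The check only covers the virtual link; direct requests to the real file under `/uploads/` still have to be denied at the web server, as the answer states.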
