blocks|key|1837454|text|PHP为这个名字tmpfile提供了一个函数。它创建一个临时文件并返回一个资源。该资源可以像任何其他资源一样使用。|type|unstyled|depth|inlineStyleRanges|entityRanges|offset|length|data|1837455|例如，手册中的示例：|1837456|<?php
$temp+=+tmpfile();
fwrite($temp,+"writing+to+tempfile");
fseek($temp,+0);
echo+fread($temp,+1024);
fclose($temp);+//+this+removes+the+file
?>|code-block|syntax|javascript|1837457|文件在关闭时(使用fclose())或脚本结束时自动删除。您可以在资源上使用任何文件函数。您可以找到这些here。希望这对你有帮助？|1837458|另一种解决方案是以常规方式创建文件，并使用cronjob定期检查会话是否已过期。期满日期和其他会话数据可以存储在数据库中。使用该脚本查询该数据并确定会话是否已过期。如果是，请将其从磁盘中物理删除。确保每小时运行一次脚本(取决于您的超时时间)。|1837459|entityMap|0|LINK|mutability|MUTABLE|url|http://php.net/manual/en/function.tmpfile.php|1|http://www.php.net/manual/en/ref.filesystem.php^0|8|7|0|0|0|0|1G|4|1|0|0^^$0|@$1|2|3|4|5|6|7|Y|8|@]|9|@$A|Z|B|10|1|11]]|C|$]]|$1|D|3|E|5|6|7|12|8|@]|9|@]|C|$]]|$1|F|3|G|5|H|7|13|8|@]|9|@]|C|$I|J]]|$1|K|3|L|5|6|7|14|8|@]|9|@$A|15|B|16|1|17]]|C|$]]|$1|M|3|N|5|6|7|18|8|@]|9|@]|C|$]]|$1|O|3|-4|5|6|7|19|8|@]|9|@]|C|$]]]|P|$Q|$5|R|S|T|C|$U|V]]|W|$5|R|S|T|C|$U|X]]]]

PHP has a function for that name <a href="http://php.net/manual/en/function.tmpfile.php" rel="noreferrer">tmpfile</a>. It creates a temporary file and returns a resource. The resource can be used like any other resource.

E.g. the example from the manual:

<pre><code>&lt;?php
$temp = tmpfile();
fwrite($temp, "writing to tempfile");
fseek($temp, 0);
echo fread($temp, 1024);
fclose($temp); // this removes the file
?&gt;
</code></pre>

The file is automatically removed when closed (using fclose()), or when the script ends. You can use any file functions on the resource. You can find these <a href="http://www.php.net/manual/en/ref.filesystem.php" rel="noreferrer">here</a>. Hope this will help you?

Another solution would be to create the file in the regular way and use a cronjob to regular check if a session is expired. The expiration date and other session data could be stored in a database. Use the script to query that data and determine if a session is expired. If so, remove it physically from the disk. Make sure to run the script once an hour or so (depending on your timeout).

blocks|key|1837468|text|你能更深入地解释一下你的问题吗？因为我看不出有什么理由不使用$_SESSION。$_SESSION中的数据存储在服务器端的一个文件(参见http://php.net/session.save-path)+BTW中。至少在默认情况下是这样。;-)|type|unstyled|depth|inlineStyleRanges|offset|length|style|CODE|entityRanges|data|1837469|entityMap|0|LINK|mutability|MUTABLE|url|http://php.net/session.save-path^0|U|9|14|9|1W|W|0|0^^$0|@$1|2|3|4|5|6|7|N|8|@$9|O|A|P|B|C]|$9|Q|A|R|B|C]]|D|@$9|S|A|T|1|U]]|E|$]]|$1|F|3|-4|5|6|7|V|8|@]|D|@]|E|$]]]|G|$H|$5|I|J|K|E|$L|M]]]]

Could you explain your problem a bit more deeply? Because I don't see a reason why not to use <code>$_SESSION</code>. The data in <code>$_SESSION</code> is stored server-side in a file (see <a href="http://php.net/session.save-path" rel="nofollow noreferrer"><a href="http://php.net/session.save-path" rel="nofollow noreferrer">http://php.net/session.save-path</a></a>) BTW. At least by default. ;-)

blocks|key|537502|text|好的，到目前为止我们有以下需求|type|unstyled|depth|inlineStyleRanges|entityRanges|data|537503|537504|让用户在他/她的会话中只下载|ordered-list-item|537505|，不复制并粘贴链接到其他|537506|用户必须从站点下载的链接，例如no+hotlinking|537507|Control+|537508|537509|537510|让我们看看。这是不能工作的代码，但它应该按照以下方式工作：|offset|length|style|BOLD|537511|<?php+//+download.php

session_start();+//+start+or+resume+a+session

//+always+sanitize+user+input
$fileId++=+filter_input(INPUT_GET,+'fileId',+FILTER_SANITIZE_NUMBER_INT);
$token+++=+filter_input(INPUT_GET,+'token',+FILTER_UNSAFE_RAW);
$referer+=+filter_input(INPUT_SERVER,+'HTTP_REFERER',+FILTER_SANITIZE_URL);
$script++=+filter_input(INPUT_SERVER,+'SCRIPT_NAME',+FILTER_SANITIZE_URL);

//+mush+session_id+and+fileId+into+an+access+token
$secret++++++++=+'i+can+haz+salt?';
$expectedToken+=+md5($secret+.+session_id()+.+$fileId);

//+check+if+request+came+from+download.php+and+has+the+valid+access+token
if(($expectedToken+===+$token)+&&+($referer+===+$script))+{
+++$file+=+realpath('path/to/files/'+.+$fileId+.+'.zip');
+++if(is_readable($file))+{
++++++++session_destroy();+//+optional
++++++++header(/*+stuff+*/);
++++++++fpassthru($file);
++++++++exit;
++++}
}
//+if+no+file+was+sent,+send+the+page+with+the+download+link.
?>
<html+...

<?php+printf('a+href="/download.php?fileId=%25s&amp;token=%25s',+
++++++++++++++$fileId,+$expectedToken);+?>

...
</html>|code-block|syntax|javascript|537512|就是这样。不需要数据库。这应该涵盖需求1-3。你不能用PHP控制速度，但是如果你在发送文件后没有破坏会话，你可以在会话中写一个计数器，限制用户在会话期间发送的文件数量。|537513|我全心全意地同意，这可以比这个monkeyform+hack更优雅地解决，但作为概念证明，它应该足够了。|537514|entityMap^0|0|0|0|0|0|0|0|0|8|7|0|0|0|0^^$0|@$1|2|3|4|5|6|7|14|8|@]|9|@]|A|$]]|$1|B|3|-4|5|6|7|15|8|@]|9|@]|A|$]]|$1|C|3|D|5|E|7|16|8|@]|9|@]|A|$]]|$1|F|3|G|5|E|7|17|8|@]|9|@]|A|$]]|$1|H|3|I|5|E|7|18|8|@]|9|@]|A|$]]|$1|J|3|K|5|E|7|19|8|@]|9|@]|A|$]]|$1|L|3|-4|5|E|7|1A|8|@]|9|@]|A|$]]|$1|M|3|-4|5|6|7|1B|8|@]|9|@]|A|$]]|$1|N|3|O|5|6|7|1C|8|@$P|1D|Q|1E|R|S]]|9|@]|A|$]]|$1|T|3|U|5|V|7|1F|8|@]|9|@]|A|$W|X]]|$1|Y|3|Z|5|6|7|1G|8|@]|9|@]|A|$]]|$1|10|3|11|5|6|7|1H|8|@]|9|@]|A|$]]|$1|12|3|-4|5|6|7|1I|8|@]|9|@]|A|$]]]|13|$]]

Ok, so we have the following requirements so far

<ol>
<li>Let the user download in his/her session only</li>
<li>no copy &amp; paste the link to somebody else</li>
<li>Users have to download from the site, e.g. no hotlinking</li>
<li>Control speed </li>
</ol>

Let's see. This is not working code, but it should work along these lines:

<pre><code>&lt;?php // download.php

session_start(); // start or resume a session

// always sanitize user input
$fileId = filter_input(INPUT_GET, 'fileId', FILTER_SANITIZE_NUMBER_INT);
$token = filter_input(INPUT_GET, 'token', FILTER_UNSAFE_RAW);
$referer = filter_input(INPUT_SERVER, 'HTTP_REFERER', FILTER_SANITIZE_URL);
$script = filter_input(INPUT_SERVER, 'SCRIPT_NAME', FILTER_SANITIZE_URL);

// mush session_id and fileId into an access token
$secret = 'i can haz salt?';
$expectedToken = md5($secret . session_id() . $fileId);

// check if request came from download.php and has the valid access token
if(($expectedToken === $token) &amp;&amp; ($referer === $script)) {
 $file = realpath('path/to/files/' . $fileId . '.zip');
 if(is_readable($file)) {
 session_destroy(); // optional
 header(/* stuff */);
 fpassthru($file);
 exit;
 }
}
// if no file was sent, send the page with the download link.
?&gt;
&lt;html ...

&lt;?php printf('a href="/download.php?fileId=%s&amp;amp;token=%s', 
 $fileId, $expectedToken); ?&gt;

...
&lt;/html&gt;
</code></pre>

And that's it. No database required. This should cover requirements 1-3. You cannot control speed with PHP, but if you dont destroy the session after sending a file you could write a counter to the session and limit the number of files the user will be sent during a session.

I wholeheartedly agree that this could be solved much more elegantly than with this monkeyform hack, but as proof-of-concept, it should be sufficient.

blocks|key|537541|text|因此，我们有一个或多个文件可供下载。为每个下载请求创建一个临时文件不是一个好主意。相反，为每个文件创建一个symlink()是一个更好的主意。这将节省大量磁盘空间，并降低服务器负载。|type|unstyled|depth|inlineStyleRanges|offset|length|style|CODE|entityRanges|data|537542|根据用户的会话命名symlink是一个不错的主意。更好的方法是生成一个随机的符号链接名称，并将其与会话相关联，这样脚本就可以在每个会话中处理多次下载。您可以使用session_set_save_handler()+(link)并注册一个自定义的read函数，该函数检查过期的会话，并在会话过期时删除符号链接。|537543|entityMap|0|LINK|mutability|MUTABLE|url|http://php.net/session_set_save_handler^0|1H|9|0|28|Q|3E|4|30|4|0|0^^$0|@$1|2|3|4|5|6|7|P|8|@$9|Q|A|R|B|C]]|D|@]|E|$]]|$1|F|3|G|5|6|7|S|8|@$9|T|A|U|B|C]|$9|V|A|W|B|C]]|D|@$9|X|A|Y|1|Z]]|E|$]]|$1|H|3|-4|5|6|7|10|8|@]|D|@]|E|$]]]|I|$J|$5|K|L|M|E|$N|O]]]]

So we have one or more files available for download. Creating a temporary file for each download requests is not a good idea. Creating a <code>symlink()</code> for each file instead is a much better idea. This will save loads of disk space and keep down the server load.

Naming the symlink after the user's session is a decent idea. A better idea is to generate a random symlink name &amp; associate with the session, so the script can handle multiple downloads per session. You can use <code>session_set_save_handler()</code> (<a href="http://php.net/session_set_save_handler" rel="nofollow noreferrer">link</a>) and register a custom <code>read</code> function that checks for expired sessions and removes symlinks when the session has expired.

blocks|key|1945295|text|也许现在回答已经太晚了，但我正在尝试分享googlize的特性！|type|unstyled|depth|inlineStyleRanges|entityRanges|data|1945296|1945297|如果您使用CPanel，有一种快捷的方法可以阻止对托管文件的外部请求，其名称为：HotLink。|blockquote|offset|length|style|BOLD|1945298|1945299|1945300|你可以在你的面板上启用HotLinks，并确保没有人可以从另一个主机上请求你的文件或使用你的文件作为下载参考。|1945301|entityMap^0|0|0|14|7|0|0|0|0^^$0|@$1|2|3|4|5|6|7|P|8|@]|9|@]|A|$]]|$1|B|3|-4|5|6|7|Q|8|@]|9|@]|A|$]]|$1|C|3|D|5|E|7|R|8|@$F|S|G|T|H|I]]|9|@]|A|$]]|$1|J|3|-4|5|6|7|U|8|@]|9|@]|A|$]]|$1|K|3|-4|5|6|7|V|8|@]|9|@]|A|$]]|$1|L|3|M|5|6|7|W|8|@]|9|@]|A|$]]|$1|N|3|-4|5|6|7|X|8|@]|9|@]|A|$]]]|O|$]]

Maybe it's to late for answering but I'm try to share on feature googlize! 

<blockquote>
 if you use CPanel there is a short and quick way for blocking external
 request on your hosted files which name is: HotLink.
</blockquote>

you can Enable HotLinks on you Cpanel and be sure nobody can has request o your file from another hosting or use your files as a download reference.

blocks|key|1945362|text|为了达到这个目的，我会创建一个文件，并使用chmod对其进行保护--使其对公众不可用。或者，将内容保存在数据库表行中，在需要时获取它。|type|unstyled|depth|inlineStyleRanges|entityRanges|data|1945363|使其可以作为文件下载。为此，我将从受保护的文件中获取内容，或者如果它存储在数据库表中，则获取它并简单地输出它。使用php头文件，我会给它一个所需的名称，扩展名，指定它的类型，最后强制浏览器将输出下载为一个实体文件。|1945364|这样，您只需要将数据保存在一个位置，或者保存在受保护的文件中，或者保存在数据库中。强制客户端浏览器在满足条件的情况下多次下载它，例如，只要用户已登录，等等。无需担心磁盘空间，制作任何临时文件，cronJobs和/或自动删除文件。|1945365|entityMap^0|0|0|0^^$0|@$1|2|3|4|5|6|7|H|8|@]|9|@]|A|$]]|$1|B|3|C|5|6|7|I|8|@]|9|@]|A|$]]|$1|D|3|E|5|6|7|J|8|@]|9|@]|A|$]]|$1|F|3|-4|5|6|7|K|8|@]|9|@]|A|$]]]|G|$]]

To acheive this, I would make one file and protect it using chmod - making it unavailable to the public. Or, alternatively, save the contents in a database table row, fetch it whenever required.

Making it downloadable as a file. To do so, I would get the contents from the protected file, or if it is stored in a database table, fetch it and simply output it. Using php headers, I would, give it a desired name, extension, specify it's type, and finally force the browser to download the output as a solid file.

This way, you only need to save data in one place either, in a protected file or in database. Force client browser to download it as many times as the the conditions meet e.g., as long as the user is logged-in and so on. Without having to worry about the disk space, making any temp file, cronJobs and or auto-deletion of the file.

I am writing a anti-leeching download script, and my plan is to create a temporary file, which is named by session ID, then after the session expires, the file will be automatically deleted. Is it possible ? And can you give me some tips how to do that in PHP ?

Thanks so much for any reply

Create temporary file and auto removed

翻译质量差，导致语言生硬或混乱。

没有提供实际的解决方法或示例。

解答不清晰，无法理解或解决问题。

页面排版不美观，阅读体验差。

文章

问答

视频

学习中心

腾讯云实验室

直播

竞赛

腾讯云代码分析专区

腾讯iOA零信任安全管理系统专区

腾讯云架构师技术同盟交流圈

腾讯云数据库专区

腾讯云顾问专区

腾讯云原生专区

腾讯混元专区

腾讯云TCE专区

腾讯云Lighthouse专区

腾讯云HAI专区

腾讯云Edgeone专区

腾讯云存储专区

腾讯云智能专区

腾讯轻联专区 

腾讯云开发专区

TAPD专区

腾讯轻量云游戏服专区

腾讯云最具价值专家

腾讯云架构师技术同盟

腾讯云创作之星

腾讯云开发者先锋

腾讯云代码助手

云原生构建

TAPD 敏捷项目管理

Cloud Studio

SDK中心

API中心

命令行工具

涵盖代码开发、场景应用、自动测试全流程，助你从零构建专属AI助手

一站式MCP教程库，解锁AI应用新玩法

我正在写一个反窃取的下载脚本，我的计划是创建一个临时文件，该文件以会话ID命名，然后在会话到期后，该文件将被自动删除。有可能吗？你能给我一些如何在PHP中做到这一点的技巧吗？非常感谢您的回复

问创建临时文件并自动删除
EN

Stack Overflow用户

社区

活动

圈层

关于

腾讯云开发者

热门产品

热门推荐

更多推荐

问创建临时文件并自动删除EN