这几天在写一个PHP防盗链外部资源下载处理函数,昨天晚上刚完成编写,中间遇到了些问题,这里就不详述了;
以下是自写的简单的PHP防盗链处理类(重新整理编写成类文件,以便后期改进);
<?php
/**
*
* 防盗链外部资源下载处理类
*
* @link http://glzy8.com
*
*/
class BurglarDow{
/**
* 初始许可下载状态
* @var allow
* @access private
*/
private $allow = false;
/**
* 初始下载地址
* @var dowUrl
* @access private
*/
private $dowUrl = null;
/**
* 初始来路域名
* @var RemoteUrl
* @access private
*/
private $RemoteUrl = null;
/**
* 初始许可资源取用域名列表
* @var allowUrl
* @access private
*/
private $allowUrl = array();
/**
* 初始转跳地址
* @var Location
* @access private
*/
private $Location = null;
public function __construct($dowUrl,$Location,array $allowUrl){
// 初始下载地址
$this->dowUrl = $dowUrl;
// 初始许可资源取用域名列表
$this->allowUrl = $allowUrl;
// 初始转跳地址
$this->Location = $Location;
$this->RemoteUrl = @parse_url($_SERVER['HTTP_REFERER']); // 获取来路域名
if(!is_array($this->RemoteUrl))
header("HTTP/1.1 301 Moved Permanently");
header("Location: ".$this->Location);
if(isset($this->RemoteUrl['host'])){
if(in_array($this->RemoteUrl['host'],$this->allowUrl)){ // 判断是否来至许可域名
$this->allow = true; // 下载许可状态为:真
}
}
unset($this->allowUrl,$this->RemoteUrl); // 释放内存变量
}
/**
* 防盗链资源下载
* @access public
* @return mixed
*/
public function dow(){
$FileInfo = get_headers($this->dowUrl,1); // 获取远程文件头部信息
if(true === $this->allow){ // 判断是否许可下载资源
//判断配置文件是否存在
if(is_file('Config.ini')){
$FileCon = parse_ini_file('Config.ini');
}else{
$FileName = basename($FileInfo['Content-Location']);
$FileConStr = "FileName = {$FileName}\r\nFileUrl = {$FileInfo['Content-Location']}\r\nFileSize = {$FileInfo['Content-Length']}";
$handle = fopen ('Config.ini', "wb"); // Config.ini文件不存在则创建文件
if (fwrite ($handle, $FileConStr) == FALSE) { // 数据写入文件
echo "File creation failed ...";
}
fclose ($handle); // 关闭一个已打开的文件指针
$FileCon = parse_ini_file('Config.ini');
}
if(!empty($$this->dowUrl)){
$fp = @fopen($$this->dowUrl, "rb"); // 二进制模式读取文件
if (!$fp)
exit("Download a mistake.\n\n");
// 输出远程资源
header("Content-type:text/html;charset=utf-8");
header('Content-Description: File Transfer');
header('Content-Type: application/octet-stream');
header('Content-Disposition: attachment; filename='.$FileCon['FileName']);
header("Accept-Ranges: bytes");
header('Content-Transfer-Encoding: binary');
header('Expires: 0');
header('Cache-Control:must-revalidate,post-check=0,pre-check=0');
header('Pragma: public');
header('Content-Length: '.$FileCon['FileSize']);
while (!feof($fp)){
set_time_limit(0); // 设置文件最长执行时间
echo fread($fp, 1024); // 输出文件
flush(); // 输出缓冲
ob_flush(); // 输出缓冲区中的内容
}
fclose($fp);
}else{
header("HTTP/1.1 404 Not Found");
}
}else{
header("HTTP/1.1 301 Moved Permanently");
header("Location: ".$this->Location);
}
}
}
// 远程资源地址
$dowUrl = 'http://dldir1.qq.com/qqfile/qq/QQ5.1/10055/QQ5.1.exe';
// 转跳地址
$Location = 'http://glzy8.com';
// 许可来路域名列表
$allowUrl = array(
'glzy8.com',
);
$BurglarDow = new BurglarDow($dowUrl,$Location,$allowUrl);
$BurglarDow -> dow();