• 防止通过URL下载文件


    网页中向用户提供了ppt文件的下载功能,前提是只有登录的用户才能下载,所以需要禁止通过URL对文件进行下载。

    自己定义一个文件下载类。

    using System;
    using System.Data;
    using System.Configuration;
    using System.Web;
    using System.Web.Security;
    using System.Web.UI;
    using System.Web.UI.WebControls;
    using System.Web.UI.WebControls.WebParts;
    using System.Web.UI.HtmlControls;
    using System.IO;
    using System.Threading;
    
    /// <summary>
    /// FileDownload 的摘要说明
    /// </summary>
    public class FileDownload
    {
        /// <summary>
        /// 输出硬盘文件,提供下载 支持大文件、续传、速度限制、资源占用小
        /// </summary>
        /// <param name="_Request">Page.Request对象</param>
        /// <param name="_Response">Page.Response对象</param>
        /// <param name="_fileName">下载文件名</param>
        /// <param name="_fullPath">带文件名下载路径</param>
        /// <param name="_speed">每秒允许下载的字节数</param>
        /// <returns>返回是否成功</returns>
        public static bool ResponseFile(HttpRequest _Request, HttpResponse _Response, string _fileName, string _fullPath, long _speed)
        {
            try
            {
                FileStream myFile = new FileStream(_fullPath, FileMode.Open, FileAccess.Read, FileShare.ReadWrite);
                BinaryReader br = new BinaryReader(myFile);
                try
                {
                    _Response.AddHeader("Accept-Ranges", "bytes");
                    _Response.Buffer = false;
                    long fileLength = myFile.Length;
                    long startBytes = 0;
    
                    int pack = 10240; //10K bytes
                    //int sleep = 200;   //每秒5次   即5*10K bytes每秒
                    int sleep = (int)Math.Floor((decimal)1000 * pack / _speed) + 1;
                    if (_Request.Headers["Range"] != null)
                    {
                        _Response.StatusCode = 206;
                        string[] range = _Request.Headers["Range"].Split(new char[] { '=', '-' });
                        startBytes = Convert.ToInt64(range[1]);
                    }
                    _Response.AddHeader("Content-Length", (fileLength - startBytes).ToString());
                    if (startBytes != 0)
                    {
                        _Response.AddHeader("Content-Range", string.Format(" bytes {0}-{1}/{2}", startBytes, fileLength - 1, fileLength));
                    }
                    _Response.AddHeader("Connection", "Keep-Alive");
                    _Response.ContentType = "application/octet-stream";
                    _Response.AddHeader("Content-Disposition", "attachment;filename=" + HttpUtility.UrlEncode(_fileName, System.Text.Encoding.UTF8));
    
                    br.BaseStream.Seek(startBytes, SeekOrigin.Begin);
                    int maxCount = (int)Math.Floor((decimal)(fileLength - startBytes) / pack) + 1;
    
                    for (int i = 0; i < maxCount; i++)
                    {
                        if (_Response.IsClientConnected)
                        {
                            _Response.BinaryWrite(br.ReadBytes(pack));
                            Thread.Sleep(sleep);
                        }
                        else
                        {
                            i = maxCount;
                        }
                    }
                }
                catch
                {
                    return false;
                }
                finally
                {
                    br.Close();
                    myFile.Close();
                }
            }
            catch
            {
                return false;
            }
            return true;
        }
    
    }

    添加一个一般处理程序,从session从读取用户信息,如果用户存在,进行相应文件的下载,如果不存在,返回首页。

    using System;
    using System.Collections.Generic;
    using System.Web;
    using Video.Filters;
    using VideoLibrary.Model;
    using System.Web.SessionState;
    namespace Video.AppCode
    {
        /// <summary>
        /// download 的摘要说明
        /// </summary>
        public class download : IHttpHandler,IRequiresSessionState
        {
    
            private UserInformation user = null;
            public void ProcessRequest(HttpContext context)
            {
                if(context.Session["user"]!=null)
                    user=(UserInformation)context.Session["user"];
               dowmload(context,user);
               
            }
            public void dowmload(HttpContext context, UserInformation user)
            {
                if (null != user)
                {
                    string PPT_Type = context.Request.QueryString["PPT_Type"];
                    string id = context.Request.QueryString["id"];
                    string file = "";
                    switch (PPT_Type)
                    {
    
                        case "SharePoint":
                            file = "SharePoint 2013 Overview.pptx";
                            FileDownload.ResponseFile(context.Request, context.Response, file, "D://document/" + file, 102400);
                            break;
                        case "Office":
                            if (id == "1")
                            {
                                file = "2013 O365 Customer Presentation.pptx";
                                FileDownload.ResponseFile(context.Request, context.Response, file, "D://document/" + file, 102400);
                            }
                            else if (id == "2")
                            {
                                file = "新一代Office,个人和企业生产力提升.pptx";
                                FileDownload.ResponseFile(context.Request, context.Response, file, "D://document/" + file, 102400);
                            }
                            break;
                    }
                }
                else
                    context.Response.Redirect("/Home/Index");
            }
            public bool IsReusable
            {
                get
                {
                    return false;
                }
            }
        }
    }

    前端调用

    <a href="download.ashx?PPT_Type=SharePoint&id=0"></a>

    这样就可以防止,用户未登录时通过url请求下载文件了。

  • 相关阅读:
    react 学习
    swiper
    日历插件
    插件 uploadify
    前端 websocket用法
    jQuery插件Highcharts
    可用于nodejs的SuperAgent(ajax API)
    git的基本命令
    自己对javascript闭包的了解
    函数中的this的四种绑定形式
  • 原文地址:https://www.cnblogs.com/jeemly/p/3834116.html
Copyright © 2020-2023  润新知