网上有一篇文章是介绍使用COOKIE作为ACCESSKEY的KEY值的文章,以下是完整的方案:
NGINX 虚拟主机配置:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 | server { listen 80; server_name www.yourdomian.com; root /home/wwwroot/test; if ( $http_cookie ~* " ng_cookie=(.+?)(?:;|$)") { set $ng_cookie $1; } location /down/ { accesskey on; accesskey_hashmethod sha1; accesskey_arg "token"; accesskey_signature "jzbk$ng_cookie"; } location ~ .*\.(php|php5)?$ { include php.conf; } } |
PHP部分:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 | <?php function code($nc, $a='abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789') { $l=strlen($a)-1; $r=''; while($nc-->0) $r.=$a{mt_rand(0,$l)}; return $r; } $key=code('32');//生成一个32位的随机值 $File='pure-ftpd'; //文件名 if(!isset($_COOKIE['ng_cookie'])) { setcookie("ng_cookie",$key,time()+1800); //设置COOKIE有效期半小时 header("Refresh: 0"); //刷新页面 } $token=sha1(jzbk.$_COOKIE['ng_cookie']); //KEY echo '<br>'; echo "http://www.yourdomian.com/down/$File?token=$token"; //下载地址 echo '<br>'; echo $_COOKIE['ng_cookie']; ?> |