极致cms给列表输出pictures附件表里附件源信息
目的是在不暴露后台附件地址情况下前台利用附件id从pictures表里查询附件地址执行下载;
1.首先给模型添加单附件字段attachment
2.找到前台控制器HomeController.php里面栏目处理器函数function jizhi(){}里面的循环输出url的地方,加上处理附件信息
foreach($data as $k=>$v){
if(!isset($v['url'])){
$data[$k]['url'] = gourl($v,$v['htmlurl']);
}
//返回附件信息s
if(!isset($v['fid'])){
if(isset($v['attachment'])){
$fres = M('pictures')->find(['litpic'=> $data[$k]['attachment']]);
if($fres){
$data[$k]['fid'] = $fres['id'];
$data[$k]['ftype'] = $fres['filetype'];
$data[$k]['ftime'] = date('Y-m-d',$fres['addtime']);
$data[$k]['fsize'] =usize($fres['size']);
}else{
$data[$k]['fid'] = 0;
}
}else{
$data[$k]['fid'] = 0;
}
}
//返回附件信息e
}
3.在前台控制器添加下载处理函数
function download() {
if($_POST){
$id = $this->frparam('fid',1,'POST');
$file_name =$this->frparam('file_name',1,'POST');
if(!$id||!$file_name){
http_response_code(405);
//echo "错误:参数缺失";
exit;
}
if (!preg_match('/^[\w\x{4e00}-\x{9fa5}\-]+$/u', $file_name)) {
http_response_code(405);
//echo "错误:文件名包含非法字符";
exit;
}
$fres = M('pictures')->find(['id'=> $id]);
if($fres){
$file_url = $fres['litpic'];
$now =date('Ymd_His', time());
$download_name = $file_name.$now. '.' . $fres['filetype'];
if (file_exists(APP_PATH.$file_url) && is_file(APP_PATH.$file_url)) {
$fileSize = filesize(APP_PATH.$file_url);
header('Content-Description: File Transfer');
header('Content-Type: application/octet-stream');
header('Content-Disposition: attachment; filename="' . basename($download_name) . '"');
header('Expires: 0');
header('Cache-Control: must-revalidate');
header('Pragma: public');
header('Content-Length: ' . $fileSize);
readfile(APP_PATH.$file_url);
exit;
}else{
http_response_code(404);
//echo "错误:文件不存在。";
exit;
}
}else{
http_response_code(404);
//echo "错误:文件不存在。";
exit;
}
}else{
http_response_code(405);
exit;
}
}