囧 – 仙

发现个奇怪的思路
这个是一个视频站程序的代码片段
这种方式不用考虑性能吗?

接受base64加密2次的字符串
解码
然后列出文件和目录
生成完整的path路径

然后利用php进行流媒体文件输出
这种方式可能人少访问没问题
人多的时候不会悲剧吗?

仔细考虑下这个是不是有些奇葩了
应该没人会这么干吧?
这程序还卖€45?

<?php // physical path of your root
if( !defined( 'ABSPATH' ) )
	define( 'ABSPATH', str_replace( '\\', '/',  dirname( __FILE__ ) )  );
//full path to dir with video.
$token = htmlspecialchars(base64_decode(base64_decode($_GET["file"])));
list($filename,$path) = explode('@@', $token);
$path = ABSPATH.'/'.$path.'/';
$ext=strrchr($filename, ".");
$file = $path . $filename;
$content_len=@filesize($file);  
header("Content-Description: File Transfer"); 
if(isset($_GET["type"])) {
$size = getimagesize($file); 
header('Content-Type:'.$size['mime']);
} else {
header("Content-type: video/".str_replace("ogv","ogg",$ext)."");  
header("Accept-Ranges: bytes"); 
header("Content-Disposition: attachment; filename=\"$filename\"");  
header("Content-Transfer-Encoding: binary"); 
header("Content-Length: " . filesize($file)); 
}
if($content_len!=FALSE)  
{  
Header("Content-length: $content_len");  
} 
readfile($file);

<?php // physical path of your root

if( !defined( 'ABSPATH' ) )

define( 'ABSPATH', str_replace( '\\', '/', dirname( __FILE__ ) ) );

//full path to dir with video.

$token = htmlspecialchars(base64_decode(base64_decode($_GET["file"])));

list($filename,$path) = explode('@@', $token);

$path = ABSPATH.'/'.$path.'/';

$ext=strrchr($filename, ".");

$file = $path . $filename;

$content_len=@filesize($file);

header("Content-Description: File Transfer");

if(isset($_GET["type"])) {

$size = getimagesize($file);

header('Content-Type:'.$size['mime']);

} else {

header("Content-type: video/".str_replace("ogv","ogg",$ext)."");

header("Accept-Ranges: bytes");

header("Content-Disposition: attachment; filename=\"$filename\"");

header("Content-Transfer-Encoding: binary");

header("Content-Length: " . filesize($file));

}

if($content_len!=FALSE)

{

Header("Content-length: $content_len");

}

readfile($file);

发表回复