If we know the actual path of a static file such as:
http://www.webdn.com/download/mybook.pdf, if the server does not make special restrictions, we can download it without effort! How can the downloader can't get his actual path when the website provides mybook.pdf download? This article describes how to use ASP to hide the actual download path of the file.
When we manage the website file, we can put the extension of the extension in the same directory, set a more special name, such as the PDF file directory is the_pdf_file_s, saving the following code as Down.asp, his online path is
Http://www.webdn.com/down.asp, we can use http: // www.
Webdn.com/down.asp?filename=mybook.pdf to download this file, and the downloader can't see this file actual download path! In Down.asp, we can also set whether the download file needs to be logged in, it is determined whether the downloaded source page is an external website, so that the file can be prevented from being stolen.
Sample code:
<%
From_url = cstr (Request.ServerVariables ("http_referer"))
Serv_url = cstr (Request.ServerVariables ("Server_Name"))
IF MID (from_url, 8, len (serv_url) <> serv_url dam
Response.write "illegal link!" 'Prevention of stealing chains
Response.end
END IF
If Request.Cookies ("Logined") = "" "" ""
Response.Redirect "/login.asp" "needs to be logged in!
END IF
Function getFileName (longname) '/ folder1 / folder2 / file.asp => file.asp
While INSTR (longname, "/")
LongName = Right (longname, len (longname) -1)
Wend
GetFileName = longname
END FUNCTION
Dim Stream
DIM Contents
DIM FileName
DIM TrueFileName
DIM FileExt
Const adtypebinary = 1
FileName = Request.QueryString ("FileName")
IF filename = "" ""
Response.write "invalid file name!"
Response.end
END IF
FileExt = MID (FileName, INSTRREV (FileName, ".") 1)
SELECT CASE UCASE (Fileext)
Case "ASP", "ASA", "ASPX", "ASAX", "MDB"
Response.write "illegal operation!"
Response.end
End SELECT
Response.clear
IF LCase (Right (FileName, 3)) = "GIF" or LCase (Right (filename, 3)) = "JPG" or LCase (Right (filename, 3)) = "PNG" theResponse.contentType = "image / * "'Do not download dialog box for image files
Else
Response.contentType = "Application / MS-Download"
END IF
Response.addheader "Content-Disposition", "Attachment; FileName =" & getFileName (Request.QueryString ("FileName"))
Set stream = server.createObject ("adoDb.stream")
Stream.type = adtypebinary
Stream.open
IF LCASE (Right (filename, 3)) = "PDF" THEN 'Settings PDF Type File Directory
TrueFileName = "/ THE_PDF_FILE_S /" & FileName
END IF
If LCASE (Right (filename, 3)) = "DOC" TEN 'Setup Doc Type File Directory
TrueFileName = "/ my_d_o_c_file /" & filename
END IF
IF LCase (Right (FileName, 3)) = "GIF" or LCase (Right (filename, 3)) = "jpg" or lcase (Right (filename, 3)) = "png" then
TrueFileName = "/ all_images _ /" & filename "Sets the image file directory
END IF
Stream.LoadFromfile Server.MAppath (TrueFileName)
While not stream.eos
Response.binarywrite stream.read (1024 * 64)
Wend
Stream.close
Set stream = Nothing
Response.flush
Response.end
%>