任何人都体验过知识树安全的 php 蒸汽 pdf 输出。
我正在尝试编写一个 PHP 脚本,但知识树服务出现问题。我对知识树进行了测试,没有安全性,但它正在工作。正如我们不想公开看到的那样。是给员工的。
PHP代码: -
Security :-
<form class="login-form" action="https://<kt server name>.knowledgetree.com/plugins/passwordResetPlugin/loginResetEmailDispatcher.php" method="POST" name="login">
<input type="hidden" name="action" value="login" />
<input type="hidden" name="cookieverify" value="" />
<input type="hidden" name="redirect" value="https://<kt server name>.knowledgetree.com/action.php?kt_path_info=ktcore.actions.document.view&fDocumentId=<doc ID>" />
<input name="username" type="hidden" value="example@mail.co.uk" />
<input name="password" type="hidden" value="password" />
<input id="downloadButton" type="submit" value="Login" style="display:none" />
</form>
No security:-
<form method="post" action="test.php">
<input type="hidden" name="url" value="https://<kt server name>.knowledgetree.com/action.php?kt_path_info=ktcore.actions.document.view&fDocumentId=<doc ID>" />
<input id="downloadButton" name="submit" type="submit" style='display:none' />
</form>
<script language="javascript">
document.getElementById("downloadButton").click();
</script>
<?php $destination_folder = 'downloads/';
$url = $_POST['url']; (no security)
$url = $_POST['redirect']; (security)
$newfname = $destination_folder . basename($url);
$newname = $destination_folder . basename($url, "").".pdf";
$file = fopen ($url, "rb");
if ($file) {
$newf = fopen ($newname, "wb");
if ($newf)
while(!feof($file)) {
fwrite($newf, fread($file, 1024 * 8 ), 1024 * 8 );
}
}
if ($file) {
fclose($file);
}
if ($newf) {
fclose($newf);
sleep(1);
rename ($newname, "downloads/example.pdf");
} ?>
<iframe src="/downloads/example.pdf" style="border: 0; position:absolute; top:0; left:0; right:0; bottom:0; width:100%; height:100%"></iframe>
请告诉我我该怎么做?
我认为需要使用 php curl。