You do know the the default structure of directories created by Symfony? apps/ cache/ config/ lib/ log/ plugins/ test/ web/
And you have setup your web server in a "secure way" in Apache configuration? DocumentRoot "[path_to_you_symfony_project]/web" Well that means that all the parent directories of the web directory will be inaccessible from the web. You won't be able to type something like www.yourdomain.com/../config/databases.yml, because Apache simply can't know it, as the root directory is web. It would be like trying to access to some file in a parent directory of / on a unix-like system (yes, as by definition the root can't have any parent directory, that may be a bad example, but I'm trying to be as understandable as possible :p). So I recommend you to create a custom directory in your sf_root directory, and move here the files you don't want to be accessible from the web. Did you manage to get your thing work? Have a nice day :-) Nicolas On Jun 10, 1:01 pm, ctrlming <[email protected]> wrote: > thank you.But I still doesn`t understand what you say. > $file = sfConfig::get('sf_root_dir').'/[dir]/'.$filePath; > // [dir] is inaccessible from the web What do you mean by this? > > On 6月8日, 下午6时03分, sfNico <[email protected]> wrote: > > > Portable and a little bit simpler : > > > protected function sendFile($response,$contentType,$filePath) > > { > > $response = $this->getResponse(); > > $file = sfConfig::get('sf_root_dir').'/[dir]/'.$filePath; // [dir] > > is inaccessible from the web > > > if(is_file($file)) > > { > > $response->setHttpHeader('Content-Type', $contentType); > > $response->setHttpHeader('Content-Length', filesize($file)); > > $response->setHttpHeader('Last-Modified', gmdate("D, d M Y H:i:s", > > filemtime($file)).' GMT'); > > $response->sendHttpHeaders(); // send the headers before the file > > data > > $response->setContent(readfile($file)); > > } > > > return sfView::NONE; > > > }- 隐藏被引用文字 - > > > - 显示引用的文字 - --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "symfony users" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/symfony-users?hl=en -~----------~----~----~----~------~----~------~--~---
