code for php word document read only_问答_开发者

I have a php download script that allow user to download a word document file after downloading it is editable to user..i want to make file readonly to user

my code for download is:

//php code

// set headers`enter code here`
header("Pragma: public");
header("Expires: 0");
header("Cache-Control: must-revalidate, post-check=0, pre-check=0");
header("Cache-Control: public");
header("Content-Description: File Transfer");
header("Content-Type: $mtype");
header("Content-Disposition: attachment; filename=\"$asfname\"");
header("Content-Transfer-Encoding: binary");
header("Content-Length: " . $fsize);

// download
// @readfile($file_path);

$file = @fopen($file_path,"r开发者_如何学Pythonb");
if ($file) {
  while(!feof($file)) {
    print(fread($file, 1024*8));
    flush();
    if (connection_status()!=0) {
      @fclose($file);
      die();
    }
  }
  @fclose($file);
}

thanx in advance Regards

You can't. File attributes aren't sent with the download. The user downloads the file and owns it.

You can password-protect the document, but for that you have to edit it yourself. It is something that can hardly be done by PHP, although you could use the COM interface of Word from PHP on Windows... But that's not a path you want to go.

If you want a readonly document, why not use a pdf instead?

Here is method to make password protected non editable word file using the PHPWord library:

https://github.com/PHPOffice/PHPWord

<?php 
require_once("vendor/autoload.php"); 

// Input file
$name = basename(__FILE__, '.php');
$name="sample";
$source = __DIR__ . "/{$name}.docx";

$phpWord = \PhpOffice\PhpWord\IOFactory::load($source);

// Add Password Protection For editing 
$documentProtection = $phpWord->getSettings()->getDocumentProtection();
$documentProtection->setEditing(PhpOffice\PhpWord\SimpleType\DocProtect::READ_ONLY);
$documentProtection->setPassword('123456');

// Write the output file

$objWriter = \PhpOffice\PhpWord\IOFactory::createWriter($phpWord, 'Word2007');
$objWriter->save('helloWorld.docx');

UPDATE:: My workaround and new answer... Unintentional Editing Protection.

Quickly: This is the easiest and first way I have found to get "close" to achieving tamper proof .docx file from PHP script. I could not achieve adding the protection on the fly with PHP at this time.

So early in my venture to create dynamic .docx files I learned that it was easier to edit files as seen here.

Please note that when replacing text in the document, word's spellcheck feature distorts plain text that it sees as misspelled words by wrapping parts of that word in question (my_dynamic_file_title) in spellcheck and grammar tags. You will probably also find that it will not work unless you turn off all the spellcheck and grammar features as seen here. I had to.

Please note after I did I had to copy and paste the text (with formatting mostly) to fully remove the spellcheck and grammar tags. My place holders that I use in my template .docx I had to copy from outside of word and paste them without formatting or I just retyped them.

Now.. If, in word (Mine is Office 2019), on your document template you go to:

file-> Protect Document -> Restrict Editing

Choose the options that you want and password protect it. Upload your template and use the editing script as you would. It works the same as before it was protected.

This method stops word from allowing the editing of the file without a password, not a person(Dev) that extracts the files, changes the document.xml file, and converts it back to a docx file by simply renaming the file extensions from .docx to .zip and back.

::My old answer:: So yes someone can do it but...

After looking into it myself and briefly comparing natively protected (or what I believe to be) documents I can see it is possible as well as it has been done before IE.. Szekelygobe's answer mentions the software that does it (or there is a patch to do it) as seen in github here.

I must say it seems to require too much to do this for myself and with the lack of documentation readily available it just isn't worth it for me yet. If you would like to go down the path, take 1 .docx make a copy of it and protect one of them. Rename them to .zip files and compare in your favorite code editor.

The most notable difference at a brief glance is in the file called "settings.xml" you will see the tag <w:documentProtection...

I also see a lot of other changes. The other tags are not the same which leads me to believe there is at least a little more than just creating/generating this tag. There is encryption involved and it would require research into the properties of the specific tag properties and the whole what & how of each...

Like I said though it is just too much for me to try to understand a.t.m. but I hope I was able to point to a path.

NOTE::I would have commented but this became too much for a comment.

Last note on all of it:: I really wanted to do it all from PHP but it is just too much at the moment. I was also looking to make it completely tamper proof and it is just not possible. You can get close but it costs the time and effort just for it all to be forgable. Word has Digital Signatures and IRM (Information Rights Management) which I believe is to also help show authenticity.