如果打开在文本编辑器中下载的文件的内容，则无疑会看到错误消息.这可能是因为您的路径以/开头.当您从磁盘打开文件时，服务器路径的doc根目录是没有意义的.您需要指定真实路径.

If you open the contents of that file you downloaded in a text editor, you will no doubt see an error message. This is probably because your path starts with /. When you open files from disk, the doc root of your server path is meaningless. You need to specify the real path.

此外，您的脚本非常不安全！任何人都可以从服务器上下载他们想要的任何文件.提供文件之前，请确保检查文件是否在doc根目录下. 从不，用户可以不受限制地指定他们想要的任何文件.您不希望有人做?file=../../../etc/passwd.

Also, your script is terribly insecure! Anyone can download any file they want off your server. Make sure to check that the file is within the doc root before serving it up. Never let a user just specify any file they want without restriction. You don't want some doing ?file=../../../etc/passwd.