PHP RSS PHP RSS

PHP Query, Make users login before accessing a movie?

Reply

Join Date: Jan 2005
Posts: 2
Reputation: alee is an unknown quantity at this point 
Solved Threads: 0
alee alee is offline Offline
Newbie Poster

PHP Query, Make users login before accessing a movie?

 
0
  #1
Jan 18th, 2005
i'm making a website for a friend with his movies in, he wants users to login before being able to view these movies, i don't know how to stop them viewing it by typing in the address.

Thanks, expect many more help requests as i am a noob

- Alee
Reply With Quote Quick reply to this message  
Join Date: Oct 2004
Posts: 348
Reputation: paradox814 is an unknown quantity at this point 
Solved Threads: 4
paradox814's Avatar
paradox814 paradox814 is offline Offline
Posting Whiz

Re: PHP Query, Make users login before accessing a movie?

 
0
  #2
Jan 18th, 2005
PLEASE BE CAREFUL!!!!!
if you start usign variables in the following script other users can do very malicious things with it! Including download your PHP source code!!!! which (if you use a db) would contain your database passwords!!!!

you must also set the appropiate MIME type if you are not usign the type i specified. and replace the whole login thing with your own validation scheme, this should be all u need.


PHP Syntax (Toggle Plain Text) 
  1. <?php
  2.  
  3. if (!$logged_in)
  4. {
  5. 	echo "so sorry you must log in!";
  6. 	exit();
  7. }
  8.  
  9.  
  10. //the following 3 lines means they must always download a fresh copy (just to verify they are logged in!)
  11. header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
  12. header("Cache-Control: no-store, no-cache, must-revalidate");
  13. header("Pragma: no-cache");
  14.  
  15.  
  16. header("Content-type: video/mpeg"); //works for .mpe .mpeg .mpg
  17.  
  18.  
  19. //to force the end user to download the file, uncomment the following line, otherwise it will stream from your site (aka lots of bandwidth)
  20. //header("Content-Disposition: attachment; filename=video.mpg");
  21.  
  22. //replace this next line with the appropiate file name
  23. readfile('my-super-secret-private-video.mpg');
  24.  
  25. ?>
http://www.brangle.com/
Reply With Quote Quick reply to this message  
Join Date: Jan 2005
Posts: 2
Reputation: alee is an unknown quantity at this point 
Solved Threads: 0
alee alee is offline Offline
Newbie Poster

Re: PHP Query, Make users login before accessing a movie?

 
0
  #3
Jan 20th, 2005
so its ok if i just use that code without editing it?

I will have to edit it to work with my php a little. like the user logged condition thingy.

But thanks VERY much, but surely. can't they still point their browser to the actual file?
Reply With Quote Quick reply to this message  
Join Date: Oct 2004
Posts: 348
Reputation: paradox814 is an unknown quantity at this point 
Solved Threads: 4
paradox814's Avatar
paradox814 paradox814 is offline Offline
Posting Whiz

Re: PHP Query, Make users login before accessing a movie?

 
0
  #4
Jan 20th, 2005
Originally Posted by alee
so its ok if i just use that code without editing it?
no you will need to change the file name to whatever your actual file name is myvideo1.mpg then that would replace my-super-secret-private-video.mpg


Originally Posted by alee
But thanks VERY much, but surely. can't they still point their browser to the actual file?
they can but that assumes they know the real file name, as the file they will be sent will be automatically renamed to video.mpg. The other thing is yes that was a very astute observation they can still point their browser to the real file name (assuming they know the real file name, or you have your .htaccess file to allow indexing), so to avoid this possibility you should place your video file in the parent directory of your public_html folder, so if you did this you could call the file by saying: /private/my-super-secret-private-video.mpg instead of just usign my-super-secret-private-video.mpg (make the path absolute so it doesn't matter what folder the php file is in.

Advanced note: when usign relatives path your "/" directory is NOT always the same in php as it is in FTP / SSH (check with your webhost to find out what is your home directory or look in the phpinfo() command)
http://www.brangle.com/
Reply With Quote Quick reply to this message  
Reply

Quick Reply to Thread
This thread is more than three months old.
Perhaps start a new thread instead?
Message:



Similar Threads
Other Threads in the PHP Forum
Thread Tools Search this Thread



# 5.2.10 alexa apache api array beginner binary broken cakephp checkbox class clean clients cms code cron curl database date directory display dissertation dynamic echo echo$_get[x]changingitintovariable... email encode error fairness file files folder form forms function functions google href htaccess html image images include indentedsubcategory insert ip javascript joomla legislation limit link local login mail memberships menu mlm multiple multipletables mysql mysqlquery newsletters oop open paypal pdf persist php problem provider query radio random recursion remote rss script search secure server sessions sms sockets source space spam sql syntax system table tutorial update upload url validator variable video web youtube
About Us | Contact Us | Advertise | DaniWeb | Acceptable Use Policy | RSS Feed

©2003 - 2009 DaniWeb® LLC