PHP video proxy for mobile

[rondog]

I have some videos stored above web root. I then have a PHP file that acts as a proxy to hand the videos to the user. The reason for this is so not just anybody can download the videos. They have to be authenticated. If I am on the PC, it prompts for a download so I know the script is working. When I try it on my iPad, I get the big play button but with a cross through it. When I try it on my iPhone, the movie interface loads, but I am then prompted with "Cannot play movie: The server is not correctly configured"

 

What could that be referring to? My script is below:

<?php
include("config.php"); //just includes session_start and db connection
if ($_SESSION['user']['authed'] == true)
{
session_write_close();
$id 		= $_GET['id'];

$query 		= mysql_query("SELECT filename FROM episodes WHERE id = '$id'");
$row 		= mysql_fetch_array($query);

$filename 	= "../../media/".$row['filename'];

header( 'Content-Description: File Transfer' );
    header( 'Content-Type: application/octet-stream' );
    header( 'Content-Disposition: attachment; filename='.basename( $filename ) );
    header( 'Content-Transfer-Encoding: binary' );
    header( 'Expires: 0' );
    header( 'Cache-Control: must-revalidate, post-check=0, pre-check=0' );
    header( 'Pragma: public' );
    header( 'Content-Length: ' . filesize( $filename ) );
    ob_clean();
    flush();
    readfile( $filename );
    exit;
}
?>

[rondog]

It is looking like I need to do something with $_SERVER['HTTP_RANGE'], but I am not finding much on it

[rondog]

anyone with experience like this?

[rondog]

Ok i've been googling the past few hours and I cannot figure out how to actually set the HTTP_RANGE headers. I keep finding

header('Accept-Ranges: bytes');

 

But there has to be more to it because $_SERVER['HTTP_RANGE'] is always null

[rondog]

Ok after 3 days I finally figured this monster out! This script will play videos that live above web root on the iOS devices. You can take this script and add your authentication to it like I did. I am checking if a user is logged in that way a member cant copy a link and send it to a non member. They would have to give them their login info which is impossible to guard against anyway.

<?php
$file = "../../media/v_360.m4v";

if (is_file($file))
{
$mime = "video/x-m4v";
header("Content-type: " . $mime);
header("Accept-Ranges: bytes");

if (isset($_SERVER['HTTP_RANGE']))// do it for any device that supports byte-ranges not only iPhone
{ 
	rangeDownload($file);
}
else
{
	header("Content-Length: ".filesize($file));
	readfile($file);
}
}
else
{
// some error...
}

function rangeDownload($file) {

$fp = @fopen($file, 'rb');

$size   = filesize($file); // File size
$length = $size;           // Content length
$start  = 0;               // Start byte
$end    = $size - 1;       // End byte
// Now that we've gotten so far without errors we send the accept range header
/* At the moment we only support single ranges.
 * Multiple ranges requires some more work to ensure it works correctly
 * and comply with the spesifications: http://www.w3.org/Protocols/rfc2616/rfc2616-sec19.html#sec19.2
 *
 * Multirange support annouces itself with:
 * header('Accept-Ranges: bytes');
 *
 * Multirange content must be sent with multipart/byteranges mediatype,
 * (mediatype = mimetype)
 * as well as a boundry header to indicate the various chunks of data.
 */
header("Accept-Ranges: 0-$length");
// header('Accept-Ranges: bytes');
// multipart/byteranges
// http://www.w3.org/Protocols/rfc2616/rfc2616-sec19.html#sec19.2
if (isset($_SERVER['HTTP_RANGE'])) {

	$c_start = $start;
	$c_end   = $end;
	// Extract the range string
	list(, $range) = explode('=', $_SERVER['HTTP_RANGE'], 2);
	// Make sure the client hasn't sent us a multibyte range
	if (strpos($range, ',') !== false) {

		// (?) Shoud this be issued here, or should the first
		// range be used? Or should the header be ignored and
		// we output the whole content?
		header('HTTP/1.1 416 Requested Range Not Satisfiable');
		header("Content-Range: bytes $start-$end/$size");
		// (?) Echo some info to the client?
		exit;
	}
	// If the range starts with an '-' we start from the beginning
	// If not, we forward the file pointer
	// And make sure to get the end byte if spesified
	if ($range == '-') {

		// The n-number of the last bytes is requested
		$c_start = $size - substr($range, 1);
	}
	else {

		$range  = explode('-', $range);
		$c_start = $range[0];
		$c_end   = (isset($range[1]) && is_numeric($range[1])) ? $range[1] : $size;
	}
	/* Check the range and make sure it's treated according to the specs.
	 * http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html
	 */
	// End bytes can not be larger than $end.
	$c_end = ($c_end > $end) ? $end : $c_end;
	// Validate the requested range and return an error if it's not correct.
	if ($c_start > $c_end || $c_start > $size - 1 || $c_end >= $size) {

		header('HTTP/1.1 416 Requested Range Not Satisfiable');
		header("Content-Range: bytes $start-$end/$size");
		// (?) Echo some info to the client?
		exit;
	}
	$start  = $c_start;
	$end    = $c_end;
	$length = $end - $start + 1; // Calculate new content length
	fseek($fp, $start);
	header('HTTP/1.1 206 Partial Content');
}
// Notify the client the byte range we'll be outputting
header("Content-Range: bytes $start-$end/$size");
header("Content-Length: $length");

// Start buffered download
$buffer = 1024 * 8;
while(!feof($fp) && ($p = ftell($fp)) <= $end) {

	if ($p + $buffer > $end) {

		// In case we're only outputtin a chunk, make sure we don't
		// read past the length
		$buffer = $end - $p + 1;
	}
	set_time_limit(0); // Reset time limit for big files
	echo fread($fp, $buffer);
	flush(); // Free up memory. Otherwise large files will trigger PHP's memory limit.
}

fclose($fp);

}

?>

 

I got my source from here => http://mobiforge.com/developing/story/content-delivery-mobile-devices (Appendix - A). The script had a couple errors, nor did it set the: header("Accept-Ranges: bytes"); header.