PHP Encryption

[dreamseeker]

Hi guys, i'm new to this forum, and a junior php guy.

 

i need to encrypt a google address like this:

https://redirector.googlevideo.com/videoplayback?requiressl=yes&shardbypass=yes&cmbypass=yes&id=85447e8dcca62496&itag=37&source=picasa&cmo=secure_transport%3Dyes&ip=0.0.0.0&ipbits=0&expire=1409263315&sparams=requiressl,shardbypass,cmbypass,id,itag,source,ip,ipbits,expire&signature=9502110CBD5EB672BEFED7A42BB71A1A0040EA3F.AF8F7074D3EA1B7EF034923F51B139F96E1EB386&key=lh1&cpn=o641DPR2ifWhwWA1&c=web&cver=html5

 

i use picasa for my client to store car video etc to show and i want embed in iframe with a jwplayer that i'm customizing.

 

i see some sample that transform a address like this https://redirector.googlevideo.com/videoplayback?requiressl=yes&shardbypass=yes&cmbypass=yes&id=85447e8dcca62496&itag=37&source=picasa&cmo=secure_transport%3Dyes&ip=0.0.0.0&ipbits=0&expire=1409263315&sparams=requiressl,shardbypass,cmbypass,id,itag,source,ip,ipbits,expire&signature=9502110CBD5EB672BEFED7A42BB71A1A0040EA3F.AF8F7074D3EA1B7EF034923F51B139F96E1EB386&key=lh1&cpn=o641DPR2ifWhwWA1&c=web&cver=html5 in something like this --> http:\/\/r20---googlevideo.com\/picasa\/redirect.php?encrypt=0f10fd0fd0f90c30b80b80fb0ee0ed0f20fb0ee0ec0fd0f80fb0b70f00f80f80f00f50ee0ff0f20ed0ee0f80b70ec0f80f60b80ff0f20ed0ee0f80f90f50ea1020eb0ea0ec0f40c80f20ed0c60bc0bc0bc0be0c00bb0c00c00c10ed0bf0ed0ee0b90bb0bb0af0f20fd0ea0f00c60bb0bb0af0fc0f80fe0fb0ec0ee0c60f90f20ec0ea0fc0ea0af0ec0f60f80c60fc0ee0f70fc0f20fd0f20ff0ee0e80ec0f80f70fd0ee0f70fd0ae0bc0cd1020ee0fc0af0f20f90c60b90b70b90b70b90b70b90af0f20...etc etc... 

 

i see that there is a redirect.php?encrypt=....... how i can do that? 

 

Thanks in advance 'cause frankly speaking i don't know also what i must search on google.

 

 

 

 

[Psycho]

That is just a parameter passed through the URL. It does not "encrypt" anything. You can pass any number of name/value pairs on the URL It is just data and has no direct functional application. It is what you DO with those values that matters. I have no clue what Google is doing with that "encrypt' value. It could be that the video file is encrypted on their servers and that value is the key to un-encrypt it so the processing page can read the file and send to the user. Or, it may be a key used to track users watching the video. There may be some public information on what Google uses that value for, but I'm not going to do the research.

 

If you do want to encrypt something it really has nothing to do with passing an "encrypt" value on the query string.

[dreamseeker]

ok thanks for your quick response as you have understand i'm new in this things so how i can do the "hiding" of that url, i need to put this in html file that play a jwplayer

<script>

jwplayer('test-001').setup({

abouttext:'jw player',

aboutlink:'',

image: "data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAgAAAAIACAYAAAD0eNT6AAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAC/2JJREFUeNrsvQeYHNd1Jvp3TtMzPTkAGKQBCIAUc6YoipKWkpW8ynKQ1r",

file: "https://redirector.googlevideo.com/videoplayback?requiressl=yes&shardbypass=yes&cmbypass=yes&id=85447e8dcca62496&itag=37&source=picasa&cmo=secure_transport%3Dyes&ip=0.0.0.0&ipbits=0&expire=1409263315&sparams=requiressl,shardbypass,cmbypass,id,itag,source,ip,ipbits,expire&signature=9502110CBD5EB672BEFED7A42BB71A1A0040EA3F.AF8F7074D3EA1B7EF034923F51B139F96E1EB386&key=lh1&cpn=o641DPR2ifWhwWA1&c=web&cver=html5",

modes: [

{ type: "html5" },

{ type: "flash", src: "http://r20---googlevideo.com/jwplayer/jwplayer.flash.swf" }

],

//skin: "http://r20---googlevideo.com/jwplayer/skins/six.xml",

startparam: "start",

provider: "http",

type: "mp4",

aspectratio: "16:9",

logo: {

file: '',

link: '',

position: 'top-right'},

width: 720,

height: 420

     });

</script>

 

so  i want hide/encrypt/obfuscate i don't know what is the best practice the file link and put something this:

 

file:"http:\/\/r20---googlevideo.com\/picasa\/redirect.php?encrypt=0f10fd0fd0f90c30b80b80fb0ee0ed0f20fb0ee0ec0fd0f80fb0b70f00f80f80f00f50ee0ff0f20ed0ee0f80b70ec0f80f60b80ff0f20ed0ee0f80f90f50ea1020eb0ea0ec0f40c80f20ed0c60bc0bc0bc0be0c00bb0c00c00c10ed0bf0ed0ee0b90bb0bb0af0f2"

 

can you suggest me how?

 

thank a lot

[Psycho]

What are you trying to achieve? Are you trying to prevent people from opening the video directly? You can't. Yes there are things you could do to make it a little more difficult, but in the end it is impossible. So, why go to the trouble. People are always asking how they can "protect" their content from being copied. If you are making content publicly available on the internet - it is publicly available.

[dreamseeker]

i want achieve that you through your browser inspector etc if you check html and copy in your editor you don't see the original source of stream but the encoded/encrypted. Of course i know that it will be playableanyway but customer ask me to "crypt/encode" the original source url doesn't matter if is playable

 

[Psycho]

You need to educate your client that what he/she is asking for provides no real value. You *could* do some things that make it only moderately more difficult to find the actual URL. But, anyone with any knowledge of how this stuff works can easily find that URL. You can't provide something to a user (text, images, video, etc.) and protect it at the same time. It doesn't take advanced hacking skills. Heck, when I want cover art for my MP3 albums I run into sites all the time that try to do stupid things to prevent the images from being copied. [ Note: this is for my personal use and not commercial so this is protected under Fair Use laws] For example they may disable right-click menu. Well, that can be defeated by turning off JavaScript and it also takes away the ability to other useful functions such as printing. Or, they may put a transparent image over the actual image. Again easily worked around. Any image you are viewing in your browser has already downloaded to your machine. All you have to do is go to the cache and find it. But, in those cases I just take the even easier low-tech solution of taking a screenshot on my computer and cropping the image out.

 

You cannot protect the content you are providing the user. Period. End. Of. Story.

 

So, you could make it only moderately more difficult for the user to find the real URL. Just point the URL to one of your pages and have that page do a redirect to the actual URL.

 

So, in the page you provide the user, use a URL such as http://mysite.com/video.php?id=5

 

Then, create the page video.php and create code to determine the actual URL to redirect to:

$videoID = $_GET['id'];
 
if($videoID==5)
{
    header("Location: http://real_url_to_the_page");
}

But, this is all pointless because it is very simple to "see" what URLs the browser is loading. Browsers have ways to inspect the requests that are being made, plus there are additional add-ins and 3rd party tools that would make it child's play to find that URL. Because, when the redirect happens, the user's browser still has to make a call to that URL.

Edited July 30, 2014 by Psycho

[dreamseeker]

thank you very much u have help me a lot and i will follow you suggest also to manage better the customer.

 

thanks again.