Hi Guys
Please can you help me as I am trying to get a website setup with music flash files. So far I have the following working code:
mymusic.html:
<html>
<head>
<title>Flash</title>
</head>
<body>
<object width="550" height="400">
<embed src="file.php?swf=myflash.swf" quality="high" type="application/x-shockwave-flash" WMODE="transparent" width="360" height="26" pluginspage="http://www.macromedia.com/go/getflashplayer" allowScriptAccess="always" />
</object>
</body>
</html>
file.php:
<?php
$file = "/home/username/private/";
header('content-type: application/x-shockwave-flash');
readfile($file.$_GET['swf']);
?>
This works fine in that I can browse to mymusic.html and it will play the flash file myflash.swf which is stored outside of my root directory.
I cannot easily retrieve the music file via "view source" or temp internet files, and I appreciate that I can never prevent the most determined individual from getting hold of the music track and that is fine, I just want to make it difficult enough to deter the average user.
So what code should/can I add to make this more secure?
I saw in one place that the following was added but will it help?:
header("Cache-Control: no-cache, must-revalidate");
header("Expires: Mon, 18 Jan 2010 00:00:00 GMT");
I would really appreciate any assistance/pointers!
Thanks