FVxSF Posted June 3, 2008 Share Posted June 3, 2008 I'm looking to add a media player to my site. Nothing fancy or any thing, but I'd like to prevent user from downloading the media. I'm looking to prevent a drain on bandwidth by doing this. I know that I can use a database to store the file locations and names, but one could simply get the request url and download it. I'm trying to think of a way that uses some kind of token or session var. Kinda like a handshake between the player page and the stream page. Any ideas? Every thing I come up with I can by pass by spoofing headers and requests. Link to comment https://forums.phpfreaks.com/topic/108547-help-protect-media-files/ Share on other sites More sharing options...
discomatt Posted June 3, 2008 Share Posted June 3, 2008 Well, in order for them to listen to the music, you have to send it to them in one form or another. This form must be understandable by the client... If you're looking to prevent direct linking, serve the file from a directory outside of webroot via PHP with user authentication. Here's a great way to read and serve a file piece-by-piece credit to flowbee + chrisputnam <?php function readfile_chunked($filename,$retbytes=true) { $chunksize = 1*(1024*1024); // how many bytes per chunk $buffer = ''; $cnt =0; // $handle = fopen($filename, 'rb'); $handle = fopen($filename, 'rb'); if ($handle === false) { return false; } while (!feof($handle)) { $buffer = fread($handle, $chunksize); echo $buffer; ob_flush(); flush(); if ($retbytes) { $cnt += strlen($buffer); } } $status = fclose($handle); if ($retbytes && $status) { return $cnt; // return num. bytes delivered like readfile() does. } return $status; } ?> Link to comment https://forums.phpfreaks.com/topic/108547-help-protect-media-files/#findComment-556693 Share on other sites More sharing options...
FVxSF Posted June 4, 2008 Author Share Posted June 4, 2008 The only problem that I can see with this, is if they take the request link a enter it in the address bar. The script would just download the file. This is what I'm worried about. I'm trying to think of some form of page by page authentication. I'm not worried about total media protection. I mean if some one really wanted to, they could just recored from their speakers. What I was thinking was, the player page generate a code for the media and send the code to the download/stream page through the session. But If i do this, I'd need a way to tell is the code is valid. Preferably with out using a Database. Thanks for the download code too. Link to comment https://forums.phpfreaks.com/topic/108547-help-protect-media-files/#findComment-557418 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.