trillion Posted October 26, 2006 Share Posted October 26, 2006 I need to deny direct access to a php file. This file builds an xml formated output for an mp3 player that uses XSPF playlists. I have tried the methods mentioned here and these will come in handy for other areas but on this issue these techniques are not working.http://www.codingforums.com/showthread.php?p=496650The file that calls the php playlist file is a Flash file. The flash file is calling the playlist so the linked examples above fail because the playlist is not getting the correct message.I have worked with php/flash inter-communication before but I did not build this mp3 player. This is the player: http://musicplayer.sourceforge.net/So I need another way to keep the user from accessing the playlist file directly.Thanks Link to comment https://forums.phpfreaks.com/topic/25145-stop-direct-access-to-file/ Share on other sites More sharing options...
xsist10 Posted October 26, 2006 Share Posted October 26, 2006 What webserver are you using (IIS, Apache)?# EDIT #You'll want to put the PHP file in it's own folder and put a .htaccess file in the same folder with the following contents:.htaccess[code]deny from all[/code] Link to comment https://forums.phpfreaks.com/topic/25145-stop-direct-access-to-file/#findComment-114642 Share on other sites More sharing options...
trillion Posted November 1, 2006 Author Share Posted November 1, 2006 The server is apache.The problem is that the playlist file is called from a flash .swfthe .swf playlist access appears to the server as a regular direct playlist file access.Perhaps if I could allow only designated php files to access the playlist file.For example:I have a file player.php. This file holds the .swf player. If this file only was granted access to open readable the playlist file. I am not sure this will work either as it is actually the .swf that opens the playlist.php. Also the playlist.php output is an XML playlist doc if that has any effect as to securing the contents. Link to comment https://forums.phpfreaks.com/topic/25145-stop-direct-access-to-file/#findComment-117700 Share on other sites More sharing options...
xsist10 Posted November 1, 2006 Share Posted November 1, 2006 How about an intermediate php file (like you suggested).Your swf requests secure.php which[code]/player.swf/player.php/locked/.htaccess/locked/playlist.php[/code].htaccess contains:[code]deny from all[/code]player.php will have access to playlist.php because it's on the server, but the .htaccess file will not allow anyone else to call it directly (on one can go http://musicplayer.sourceforge.net/locked/playlist.php Link to comment https://forums.phpfreaks.com/topic/25145-stop-direct-access-to-file/#findComment-117720 Share on other sites More sharing options...
xsist10 Posted November 1, 2006 Share Posted November 1, 2006 I love your project by the way. Very nice :) Link to comment https://forums.phpfreaks.com/topic/25145-stop-direct-access-to-file/#findComment-117721 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.