FLV Player embed. Trying to read FLV from PHP passthough script.

[belial]

Hi there... long time since I've been on this forum... but I now have a problem I really can't solve.

 

I am writing a site which will provide e-seminars. Ideally I'd like to provide them by streaming an flv file played by an embeded FLVPlayer.swf app. The problem is that the seminars are paid for, and so I need to try and protect them (as much as I can) from being leeched. My solution to this in the past has been to use a PHP passthrough script which analyses the $_SERVER params to determine if the media is being requested by one of my webpages, or from a local machine (i.e. leech attempt). In the condition where everything is fine, it sends the correct content-type in the header and then readfiles the server located file. This works fine for jpgs, mp3s.. etc... but now I've turned my eye to FLVPlayer and it simply won't play ball. I've tried adapting the passthough script so it does a header("Location: ".$local_file) instead of sending the content-type and readfile-ing... but still no joy. If I pass the $local_file directly in to the flvplayer as a string, it's fine, but then it's open to be leeched. grrrr. (plan is to .htaccess the media directory, so a "readfile" really is the best way forward.

 

I guess my question is: Does anyone here have experience passing flv data though a php script and getting it to play on flvplayer embedded in a webpage?

 

Here is the media server code (mediasrv.php):

<?php

$in_page=true;
include("template.inc.php");
$dummy=new Template("./template");
include("mysql.inc.php");
$db=new JJ_DB();

// check the requested data for validity
if(isset($_REQUEST['mid']))
{
$s_find_media=sprintf("SELECT * FROM article_media WHERE media_id=%s",$_REQUEST['mid']);
$q_find_media=$db->query($dummy,$s_find_media,__FILE__,__LINE__);
if($q_find_media['num_rows']==0)
	exit;
$a_find_media=mysql_fetch_array($q_find_media['id']);

if($a_find_media['protected']==1 AND !stristr($_SERVER['HTTP_REFERER'],$_SERVER['HTTP_HOST']))
{
	die("Media Copy Protected");
	exit;
}


header("Content-type: ".$a_find_media['media_type']);
if($a_find_media['protected']==1)
{
	header("Cache-Control: no-cache, must-revalidate"); // HTTP/1.1
	header("Expires: Mon, 26 Jul 1997 05:00:00 GMT"); // Date in the past
}
readfile($a_find_media['media_link']);

}

?>

 

And here is an example of the code that would call the mediasrv.php to play the flv.

 

DOESN'T WORK

<embed src='/swf/flvplayer.swf' width='480' height='320' type=\"application/x-shockwave-flash\" allowfullscreen='true' 
flashvars='usefullscreen=true&type=flv&displayheight=320&backcolor=0x000000&frontcolor=0xFFFFF0&bufferlength=1&largecontrols=true&file=mediasrv.php?mid=7'>

NB : file=mediasrv.php?mid=7

 

WORKS?!

<embed src='/swf/flvplayer.swf' width='480' height='320' type=\"application/x-shockwave-flash\" allowfullscreen='true' 
flashvars='usefullscreen=true&type=flv&displayheight=320&backcolor=0x000000&frontcolor=0xFFFFF0&bufferlength=1&largecontrols=true&file=/uploaded_media/video.flv'>

NB : file=/uploaded_media/video.flv

 

I guess it's something to do with get parametering a get parameter... but I don't know how to get around it. HELP! Thanks guys.