CodeDump
Josh Josh - 1 year ago 100
Apache Configuration Question

How to prevent people from accessing source videos without logining in?

I am trying to make a login that would give you access to some videos, pictures, and other files. I can do this with php and a get request (

www.example.com/foo?video1
) and making sure they have a cookie of some sort, but I am unsure how to prevent someone from just typing in the link of the source files (
www.example.com/videos/video1.mp4
). I need away to prevent people from accessing the source files.

System:


  • macOS Sierra 10.12.6

  • Apache



Thanks,
Josh

dGRAMOP dGRAMOP
Answer Source

Put the source files in some directory that is not public, or use an HTAccess. Then, use file_get_contents() and echo to spit out the video. It might look something like this:

getvideo.php?video=test

    <?php
if($_SESSION["username"]!==null)//whatever auth mechanism
{
if(file_exists("videos/".  str_replace( [ '\\', '.', '/'], '', $_GET["video"] ). ".mp4"))
{
header("Content-Type: video/mp4");
readfile("videos/".  str_replace( [ '\\', '.', '/'], '', $_GET["video"] ). ".mp4");
}

else
{
header("HTTP/1.1 404 Not Found");
}
}
else
{
header("HTTP/1.1 401 Unauthorized");
}
exit;
?>
Recommended from our users: Dynamic Network Monitoring from WhatsUp Gold from IPSwitch. Free Download

Sign up

Sign up with GitHub
Latest added
tikal-trivia-game-1
trivia-game
auto cookie login faalt
manual cookie
soaptest
Shell dump
Print an external url without opening the external url
Best Hibernate Interview Questions
Hibernate Interview Questions
30 Best Hibernate Questions for your next Interview.
Sportido - Find People & Places to Play Any Sport
Algdat oblig 1 hiof
Creating your first Scriptable Brush and Scriptable Tile
Launch.log
hashtag_scraper
Learn COBOL
Learn DevOps
Scriptpower
Powershell
treeview optimization