httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Lucio Godoy <luciocfgo...@hotmail.com>
Subject [users@httpd] URL protection with Encryption on the HTML Source Code
Date Sun, 23 Nov 2008 20:48:11 GMT

Hi All; I am using: Fedora 8, Apache version 2.2.8, MySQL version 5.0.45. I have been developing
a restricted web site (username/password authenticated via PHP onto a MYSQL user table) which
will allow users to retrieve movies that they have FTP uploaded from their mobile phones.
The uploading is working fine with proftpd/mysql combination, and the movie is transfered
to the users directory. When the user wants to retrieve the movie, they login to the website
and a dynamic list of movies is built and the user clicks on the image thumbnail and a pop-up
screen starts to play the movie automatically. My problem is that the URL that relates to
the user/movie is fully displayed if you look at the html source code. For an experienced
programmer they can quick workout the URL/PATH and download somebody else's movie. I would
like somehow to encrypt the Movie URL, making almost impossible for somebody to workout the
path to the directory, much like what youtube does (I think). This is my html code:      <object"
type="application/x-oleobject" width="341" height="388" align="middle" standby="Loading Media
Player components..." class="style8" id="MediaPlayer">        <param name="FileName"
value="https://www.example.com/www/1191247361/ftp/00_16_55_01_7A_90_2008_08_21_06_08_05.avi"
/>        <param name="ShowStatusBar" value="True" />        <param name="DefaultFrame"
value="mainFrame" />        <param name="autostart" value="true" />        <embed
src="https://www.example.com/www/1191247361/ftp/00_16_55_01_7A_90_2008_08_21_06_08_05.avi"
width="341" height="388" autostart="true" align="middle" filename="https://www.example.com/www/1191247361/ftp/00_16_55_01_7A_90_2008_08_21_06_08_05.avi"
showstatusbar="True" defaultframe="mainFrame"></embed>      </object>
 
if the unscrupulous user cuts and pastes the above url, they can access the content directly
without any authentication. Thank you for your help and suggestions. Lucio
_________________________________________________________________
See the most popular videos on the web 
http://clk.atdmt.com/GBL/go/115454061/direct/01/
Mime
View raw message