can this be done?

Soldato
Joined
29 Jul 2003
Posts
7,663
hi guys

just had a thought of something i'd like to have in my forum but dont know if its can be done. but hopefully someone here will know

i'll try my best to explain my idea.

www.xxxxxxxxx.com/forum << that's the public url of my forum.

i upload the videos to www.xxxxxxxx.com/video

will make private area in my forum for private registered people to access there. so public registered people wont be able to access there. (ie, under 18,people with low posts etc)

so i post url of the video in private forum, people download the video from /video/ folder BUT this video folder will be opens to public so public people can browse www.xxxxxxxxx.com/video. i'd like to secure this video folder so private registered people can download videos by logged in the private area/forum.

i'm not sure if i explain properly. i've talked to my friend about this, he said he think its called "htpassword" or something like that.

anyone know if its possible to do this? or a better way?

thanks
 
Soldato
Joined
9 Nov 2003
Posts
9,510
Location
The Motor City
The simplest way is to simply throw an index.htm file in the folder so anyone attempting to browse will just get a "Forbidden" page or something. I'm sure there are more secure ways, though. I'm just not familiar with them.
 
Associate
Joined
12 Aug 2005
Posts
1,025
Location
Team 10
Create an index.php file that checks to see if their logged into the forum etc. and they've got over X amount of posts.

Have a seperate DB that contains the video's name that you can 'enable' and 'disable' videos at your will coz your admin.

The users who can see this area see the videos as listed using the DB for hyperlinks. Instead of listing the video's straight to their actual URL, you could do something like this.

User clicks on 'OMG_download_me.mpg'. This video is looked up in the database and the REAL video's name is something like 'ksg294tvgveigr2v348.mpg'. The index.php file then sends the user this video but under the name they clicked on it.

That way, they don't get to see what the real video's name is and everyone wins :)

Note: That wasn't explained very well :confused:
 
Soldato
Joined
26 Dec 2003
Posts
16,522
Location
London
Rewrite everything in the videos directory to a PHP file, which checks if the user is logged in before giving the file to the user. Voila.

To redirect, stick this in a file called .htaccess in your videos directory:

Code:
RewriteEngine On
RewriteRule ^.*(mpe?g|avi|mov)$ index.php

How you check if the user is logged in or not depends on what forum software you use, but the basic principle is thus:

PHP:
<?php

if( is_logged_in() ) {
    
    $filename = './'.str_replace('..', '', $_GET['filename']);

    if( !file_exists($filename) )
        die;

    header('Content-Type: '.mime_content_type($filename));
    readfile($filename);

} else {

    echo "You need to be logged in to view this file!";

}

?>
 
Soldato
OP
Joined
29 Jul 2003
Posts
7,663
hi rob,

still not sure what to do but if you dont mind if u rewrite those codes for me then i'll do a little test so i can change the codes for different username and video

a video is 1.mpg in video folder

username/password is ben/ben

i'm using phpbb forum.

thanks
 
Back
Top Bottom