ussher
asked on
Stop swf file loading directly in browser
Hi,
I have a flash movie that i have created. It is viewed by accessing the file flash.php
this file checks that the person is logged in and if they are logged in then it displays the movie flash.swf
how can i stop people who are not logged in accessing flash.swf directly from the browser?
thanks
I have a flash movie that i have created. It is viewed by accessing the file flash.php
this file checks that the person is logged in and if they are logged in then it displays the movie flash.swf
how can i stop people who are not logged in accessing flash.swf directly from the browser?
thanks
The best method to stop users from directly accessing the swf is to disable hotlinking of swf files. If your server has CPanel control panel, you can directly do it from there.
Otherwise check this link http://www.fuitadnet.com/forums/showthread.php?t=3053
hope this helps
kiranvj
Otherwise check this link http://www.fuitadnet.com/forums/showthread.php?t=3053
hope this helps
kiranvj
ASKER
Thanks for your replies.
Aneesh Chopra:
Should have said. the swf file is not made with the Flash maker it was made by vnc2swf so i dont have access to the variables inside the flash.
kiranvj:
I have Plesk control panel. Reading thread now.
Aneesh Chopra:
Should have said. the swf file is not made with the Flash maker it was made by vnc2swf so i dont have access to the variables inside the flash.
kiranvj:
I have Plesk control panel. Reading thread now.
ASKER
OK i have read the thread about hotlinking. and it appears to be to stop other sites form including my SWF file in their content and displaying it.
This was not what i had in mind when i asked the question, but is important.
what i want is
hxxp://mysite.com/flash.ph p
check if user is logged in
if YES show flash.swf
If No show "Please log in"
But the problem i have is if somebody who is not logged in goes straight to
hxxp://mysite.com/flash.SW F
they totally bypass the IF LOGGED IN check and can view the movie.
How can i stop them from being able to view the movie.
If the SWF was a php file i would store it in an offline directory and use and include statement so the address was not visible in the browser but i dont know how to do this for a swf file.
cheers.
This was not what i had in mind when i asked the question, but is important.
what i want is
hxxp://mysite.com/flash.ph
check if user is logged in
if YES show flash.swf
If No show "Please log in"
But the problem i have is if somebody who is not logged in goes straight to
hxxp://mysite.com/flash.SW
they totally bypass the IF LOGGED IN check and can view the movie.
How can i stop them from being able to view the movie.
If the SWF was a php file i would store it in an offline directory and use and include statement so the address was not visible in the browser but i dont know how to do this for a swf file.
cheers.
i think you can disable hotlinking from Plesk, got from another site
Use Plesk CP >> Domains >> Domainname >> Hosting >> Click Hotlink Protection and enable it.
Use Plesk CP >> Domains >> Domainname >> Hosting >> Click Hotlink Protection and enable it.
as per your requirement, it is not possible without altering the SWF only.
you want someone should not be able to see the SWF directly, then you should have this check inside SWF only
another alternative is, using .htaccess to restrict directory access without username/pass
this way, no one can access directory files without logining in
you want someone should not be able to see the SWF directly, then you should have this check inside SWF only
another alternative is, using .htaccess to restrict directory access without username/pass
this way, no one can access directory files without logining in
ASKER
is there any way to store the SWF in a directory above root and still have it played when called?
/httpfiles/flash.php
<param name="movie" value="../offlineFiles/fla sh.swf">
/offlineFiles/flash.swf
not possible??
/httpfiles/flash.php
<param name="movie" value="../offlineFiles/fla
/offlineFiles/flash.swf
not possible??
it is not possible..
>>But the problem i have is if somebody who is not logged in goes straight to
>>hxxp://mysite.com/flash. SWF
If you enable hotlinking for swf files, even if someone types hxxp://mysite.com/flash.SW F it will be blocked
>>hxxp://mysite.com/flash.
If you enable hotlinking for swf files, even if someone types hxxp://mysite.com/flash.SW
because SWF run on client machine not on server side
ASKER
another option:
is there any way to use .htaccess to block any files with the extention of .swf from being called by the browser?
so when .php file opens it will play but when .swf file is called htaccess blocks it.
Hoping there is a way before i give up looking.
is there any way to use .htaccess to block any files with the extention of .swf from being called by the browser?
so when .php file opens it will play but when .swf file is called htaccess blocks it.
Hoping there is a way before i give up looking.
ASKER
>> If you enable hotlinking for swf files, even if someone types hxxp://mysite.com/flash.SW
Really?
If this works then that would solve my problem.
Ill try it now.
>>If this works then that would solve my problem.
It should work.
It should work.
do you have a windows server or a linux server?
ASKER
linux.
but my plesk control pane does not appear to have "hotlink protection"
I am logged on as root. it does not appear in the 'hosting' section of the domain name.
ill look around for it.
but my plesk control pane does not appear to have "hotlink protection"
I am logged on as root. it does not appear in the 'hosting' section of the domain name.
ill look around for it.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
The ,htaccess file successfully stopped me from accessing the SWF file from inside the PHP file and directly when the name of yoursite.com did not match my site name.
Then when i changed the .htaccess file to include my site name i was able to see the swf movie from inside the php file and directly.
So the script appears to successfully limit the access down to only viewable from my site but from my site either version is accessable. .php and .swf
Then when i changed the .htaccess file to include my site name i was able to see the swf movie from inside the php file and directly.
So the script appears to successfully limit the access down to only viewable from my site but from my site either version is accessable. .php and .swf
can u directly access the swf file now? like hxxp://mysite.com/flash.SW F
ASKER
yes.
i might be cache showing up, can u clear the cache and check again.
ASKER
Nice Thinking.
That has done it. Thanks.
After i clear the cache and go directly to the
hxxp://mysite.com/flash.sw f
I am automatically redirected to the top page of the site. This is exactly what i wanted. Thanks
That has done it. Thanks.
After i clear the cache and go directly to the
hxxp://mysite.com/flash.sw
I am automatically redirected to the top page of the site. This is exactly what i wanted. Thanks
Thats great, glad to know it worked and thanks for the points and grade.
kiranvj
kiranvj
ASKER
Update:
Internet Explorer as usual is making life difficult for me.
The above works perfectly for firefox, but in internet explorer version 6 the SWF files will not load at all. Not into the PHP pages or directly to the swf files.
Any Ideas as to why this might be?
Internet Explorer as usual is making life difficult for me.
The above works perfectly for firefox, but in internet explorer version 6 the SWF files will not load at all. Not into the PHP pages or directly to the swf files.
Any Ideas as to why this might be?
The disable Hotlinking feature works in server. So it should work fine in any browser.
1) Was it working fine in IE6 before you disabled hotlinking.?
2) When you access the swf files directly in IE6, is the page redirected to your custom page.
1) Was it working fine in IE6 before you disabled hotlinking.?
2) When you access the swf files directly in IE6, is the page redirected to your custom page.
ASKER
should i open a new question for this?
I always seam to have problems with Internet Explorer.
WITH .htaccess
flash.php works correctly in firefox. The swf file can be viewed.
flash.swf works correctly in firefox. when i open it direclty in the browser i am redirected to the top page of the site.
flash.php fails in IE. The containing page can be viewed but never loads. A continual loading symbol and a white page.
flash.swf works correctly in IE. when i open it direclty in the browser i am redirected to the top page of the site.
WITHOUT .htaccess
flash.php works correctly in firefox. The swf file can be viewed.
flash.swf works correctly in firefox. when i open it direclty in the browser i am redirected to the top page of the site.
flash.php works correctly in IE. The swf file can be viewed.
flash.swf works correctly in IE. when i open it direclty in the browser i am redirected to the top page of the site.
So the problem is with the SWF file being not being loaded into the php file when the htaccess file is in place.
I always seam to have problems with Internet Explorer.
WITH .htaccess
flash.php works correctly in firefox. The swf file can be viewed.
flash.swf works correctly in firefox. when i open it direclty in the browser i am redirected to the top page of the site.
flash.php fails in IE. The containing page can be viewed but never loads. A continual loading symbol and a white page.
flash.swf works correctly in IE. when i open it direclty in the browser i am redirected to the top page of the site.
WITHOUT .htaccess
flash.php works correctly in firefox. The swf file can be viewed.
flash.swf works correctly in firefox. when i open it direclty in the browser i am redirected to the top page of the site.
flash.php works correctly in IE. The swf file can be viewed.
flash.swf works correctly in IE. when i open it direclty in the browser i am redirected to the top page of the site.
So the problem is with the SWF file being not being loaded into the php file when the htaccess file is in place.
hi ussher,
>>should i open a new question for this?
It will be good I think, because since this question is already closed, it will not appear in open questions list. So you wont be getting help from other experts.
You can give link to this page in the new question.
And regarding the problem, if possible can you please give a link to a test page, so I can check it.
kiranvj
>>should i open a new question for this?
It will be good I think, because since this question is already closed, it will not appear in open questions list. So you wont be getting help from other experts.
You can give link to this page in the new question.
And regarding the problem, if possible can you please give a link to a test page, so I can check it.
kiranvj
ASKER
new question is opened here:
https://www.experts-exchange.com/questions/22760746/IE6-htaccess-rewrite-problem-with-SWF-file.html
The demo version is here:
http://eeproblem.hostsaba.com/htaccess_true/ // with htaccess file
http://eeproblem.hostsaba.com/htaccess_false/ // with no htaccess file
https://www.experts-exchange.com/questions/22760746/IE6-htaccess-rewrite-problem-with-SWF-file.html
The demo version is here:
http://eeproblem.hostsaba.com/htaccess_true/ // with htaccess file
http://eeproblem.hostsaba.com/htaccess_false/ // with no htaccess file
and SWF should check for this variable, if loginStatus == "true" then only start playing SWF otherwise, just display a message that "user is not logged in"
-------------------
Aneesh Chopra
-------------------