Php include("movie.mov") Error syntax error, unexpected '@'

check this also http://apptools.com/phptools/force-download.php

In PHP, include() "includes _and_ evaluates the specified file". That means that the file is attempted to evaluate as PHP which - of course - it isn't.

As kiranvj said, you should use readfile() instead (with the suitable Content-type header as he's explaining). But you should *not* use the Content-disposition -header he suggested (since you *want* the file to be used in the browser and *not* have the browser show you a "Save as..."-dialog).

It looks like this code pulls in the video but how do i pull in just the filename?  I'm using the QT_WriteOBJECT method to write out the code in the page, will this method work without having to use this?

Assuming the first argument for QT_WriteOBJECT is the URL of the video, for the thing to work in the first place, you don't want to return the filename from get_video.php (instead you want to return the actual contents of the video file).

As to "how do i pull in just the filename", it's just like this:

<?php
$path = "videos/";
  $from_name = $path . urldecode($_REQUEST['video']);
  print($from_name);
?>

But I really think that is not what you want to do :)

Furthermore, using something like that in a live environment would be something short of shooting yourself in the foot.

Consider get_video.php?video=../../../../../../../../../../../etc/passwd

No its prolly not such a good idea after seeing that :-)  I'm just trying to load in a quicktime movie without actually showing the direct link to the movie.  For leeching purposes.

I would suggest using some sort of translation matrix, where you only provide and if to get_video.php which will, based on the id, return the contents of the video. Something like this (not tested, prone to typos):

<?php

$matrix = Array(
  "abc" => "my_little_pony.mov",
  "def" => "teletubbies.mov",
  "ghi" => "debbie_does_dallas.mov",
);

$path = 'videos/';
if (!array_key_exists($_GET["v"])) {
  // Default if the user requests a video not in the translation matrix
  $file = $path.'goatse.mov';
} else {
  $file = $path.$matrix[$_GET["v"]];
}

header('Content-type: video/quicktime');
readfile($file);

?>

And this would be called like:

<script language="javascript">
  QT_WriteOBJECT('get_video.php?video=ghi' , width , height , '', 'kioskmode', 'true', 'scale', 'tofit');
</script>

...because no-one's really interested in My little pony or teletubbies, right :)

"where you only provide and if to" = "where you only provide an id to"

I like that idea, would something like this work?
I was playing around with this but when I put the if in the get_video page is shows a broken video link


video_viewer.php
--------------------------------
<?php
$authorized = "shonuff";
$video = urldecode($_REQUEST['video']);
?>

<script language="javascript">QT_WriteOBJECT('get_video.php?video=<?php echo urldecode($_REQUEST['video']); ?>' , width , height , '', 'kioskmode', 'true', 'scale', 'tofit');</script>
--------------------------------



get_video.php
--------------------------------
if ($authorized)
{
$path = "videos/";
$from_name = $path . $_REQUEST['video'];
header('Content-type: video/quicktime');
readfile($from_name);
break;
} else {
echo "You Cannot Link To The Video In This Way...";
}
--------------------------------

Basically yes. However, I think the thing you're actually trying to do is not possible.

See, you will need to pass the variable $authorized to get_video.php (and anyone with a browser who knows to look into the source will see that. Currently the mentioned variable is only present in video_viewer.php ... you need to realise that the browser is going to be doing two distinct GETs; one for video_viewer.php and another for get_video.php ... there's no way you can "include" a file directly into the page.

It needs to be understood, that whatever the user is able to see on their screen, they will be able to leach to their computer. Some methods of doing this are easier than other, but still - everything can be downloaded one way or another.

If i do this

if ($authorized)
{
echo "yes";
} else {
echo "No";
}

Then include the file it gets the variable from the viewer page and works fine.  Is this (get_video.php?video=<?php echo urldecode($_REQUEST['video']); ?>) and include not basically the same thing, it acceses the page and spits the code back out?

I know its impossible to keep everyone from taking things but im hoping to cut down on the amount of stealing.

I'm baseing this on a code i used for thumbnails that streams an image back to the browser and when the page was directly accessed would show an error type of message to the user.