chris_petey
asked on
Php include("movie.mov") Error syntax error, unexpected '@'
I am trying to make video pages that allow you to view the video but not directly link to the video for download. I did this same kind of deal with a photo gallery and it works like a charm, I assume its because of the way it reads the image in. Ill take out all non essential html so its easier to read. Heres my code
video_viewer.php
--------------------------
<script language="javascript">QT_W
--------------------------
get_video.php
--------------------------
$path = "videos/";
ini_set('display_errors', 1);
$from_name = $path . urldecode($_REQUEST['video
include($from_name);
break;
return;
--------------------------
Theoretically, atleast the way it worked with the image pages, is that when the viewer page calls the get_video page it reads the filename back in without showing it in the source code, but what appears to be happening is when it pulls it in it pulls it as reading the file and not the actual name of the file.
Any ideas????
video_viewer.php
--------------------------
<script language="javascript">QT_W
--------------------------
get_video.php
--------------------------
$path = "videos/";
ini_set('display_errors', 1);
$from_name = $path . urldecode($_REQUEST['video
include($from_name);
break;
return;
--------------------------
Theoretically, atleast the way it worked with the image pages, is that when the viewer page calls the get_video page it reads the filename back in without showing it in the source code, but what appears to be happening is when it pulls it in it pulls it as reading the file and not the actual name of the file.
Any ideas????
check this also http://apptools.com/phptools/force-download.php
In PHP, include() "includes _and_ evaluates the specified file". That means that the file is attempted to evaluate as PHP which - of course - it isn't.
As kiranvj said, you should use readfile() instead (with the suitable Content-type header as he's explaining). But you should *not* use the Content-disposition -header he suggested (since you *want* the file to be used in the browser and *not* have the browser show you a "Save as..."-dialog).
As kiranvj said, you should use readfile() instead (with the suitable Content-type header as he's explaining). But you should *not* use the Content-disposition -header he suggested (since you *want* the file to be used in the browser and *not* have the browser show you a "Save as..."-dialog).
ASKER
It looks like this code pulls in the video but how do i pull in just the filename? I'm using the QT_WriteOBJECT method to write out the code in the page, will this method work without having to use this?
Assuming the first argument for QT_WriteOBJECT is the URL of the video, for the thing to work in the first place, you don't want to return the filename from get_video.php (instead you want to return the actual contents of the video file).
As to "how do i pull in just the filename", it's just like this:
<?php
$path = "videos/";
$from_name = $path . urldecode($_REQUEST['video
print($from_name);
?>
But I really think that is not what you want to do :)
<?php
$path = "videos/";
$from_name = $path . urldecode($_REQUEST['video
print($from_name);
?>
But I really think that is not what you want to do :)
Furthermore, using something like that in a live environment would be something short of shooting yourself in the foot.
Consider get_video.php?video=../../
Consider get_video.php?video=../../
ASKER
No its prolly not such a good idea after seeing that :-) I'm just trying to load in a quicktime movie without actually showing the direct link to the movie. For leeching purposes.
I would suggest using some sort of translation matrix, where you only provide and if to get_video.php which will, based on the id, return the contents of the video. Something like this (not tested, prone to typos):
<?php
$matrix = Array(
"abc" => "my_little_pony.mov",
"def" => "teletubbies.mov",
"ghi" => "debbie_does_dallas.mov",
);
$path = 'videos/';
if (!array_key_exists($_GET["
// Default if the user requests a video not in the translation matrix
$file = $path.'goatse.mov';
} else {
$file = $path.$matrix[$_GET["v"]];
}
header('Content-type: video/quicktime');
readfile($file);
?>
And this would be called like:
<script language="javascript">
QT_WriteOBJECT('get_video.
</script>
...because no-one's really interested in My little pony or teletubbies, right :)
<?php
$matrix = Array(
"abc" => "my_little_pony.mov",
"def" => "teletubbies.mov",
"ghi" => "debbie_does_dallas.mov",
);
$path = 'videos/';
if (!array_key_exists($_GET["
// Default if the user requests a video not in the translation matrix
$file = $path.'goatse.mov';
} else {
$file = $path.$matrix[$_GET["v"]];
}
header('Content-type: video/quicktime');
readfile($file);
?>
And this would be called like:
<script language="javascript">
QT_WriteOBJECT('get_video.
</script>
...because no-one's really interested in My little pony or teletubbies, right :)
"where you only provide and if to" = "where you only provide an id to"
ASKER
I like that idea, would something like this work?
I was playing around with this but when I put the if in the get_video page is shows a broken video link
video_viewer.php
--------------------------
<?php
$authorized = "shonuff";
$video = urldecode($_REQUEST['video
?>
<script language="javascript">QT_W
--------------------------
get_video.php
--------------------------
if ($authorized)
{
$path = "videos/";
$from_name = $path . $_REQUEST['video'];
header('Content-type: video/quicktime');
readfile($from_name);
break;
} else {
echo "You Cannot Link To The Video In This Way...";
}
--------------------------
I was playing around with this but when I put the if in the get_video page is shows a broken video link
video_viewer.php
--------------------------
<?php
$authorized = "shonuff";
$video = urldecode($_REQUEST['video
?>
<script language="javascript">QT_W
--------------------------
get_video.php
--------------------------
if ($authorized)
{
$path = "videos/";
$from_name = $path . $_REQUEST['video'];
header('Content-type: video/quicktime');
readfile($from_name);
break;
} else {
echo "You Cannot Link To The Video In This Way...";
}
--------------------------
Basically yes. However, I think the thing you're actually trying to do is not possible.
See, you will need to pass the variable $authorized to get_video.php (and anyone with a browser who knows to look into the source will see that. Currently the mentioned variable is only present in video_viewer.php ... you need to realise that the browser is going to be doing two distinct GETs; one for video_viewer.php and another for get_video.php ... there's no way you can "include" a file directly into the page.
It needs to be understood, that whatever the user is able to see on their screen, they will be able to leach to their computer. Some methods of doing this are easier than other, but still - everything can be downloaded one way or another.
See, you will need to pass the variable $authorized to get_video.php (and anyone with a browser who knows to look into the source will see that. Currently the mentioned variable is only present in video_viewer.php ... you need to realise that the browser is going to be doing two distinct GETs; one for video_viewer.php and another for get_video.php ... there's no way you can "include" a file directly into the page.
It needs to be understood, that whatever the user is able to see on their screen, they will be able to leach to their computer. Some methods of doing this are easier than other, but still - everything can be downloaded one way or another.
ASKER
If i do this
if ($authorized)
{
echo "yes";
} else {
echo "No";
}
Then include the file it gets the variable from the viewer page and works fine. Is this (get_video.php?video=<?php
I know its impossible to keep everyone from taking things but im hoping to cut down on the amount of stealing.
I'm baseing this on a code i used for thumbnails that streams an image back to the browser and when the page was directly accessed would show an error type of message to the user.
if ($authorized)
{
echo "yes";
} else {
echo "No";
}
Then include the file it gets the variable from the viewer page and works fine. Is this (get_video.php?video=<?php
I know its impossible to keep everyone from taking things but im hoping to cut down on the amount of stealing.
I'm baseing this on a code i used for thumbnails that streams an image back to the browser and when the page was directly accessed would show an error type of message to the user.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
<?php
// We'll be outputting a MOV file
$path = "videos/";
$from_name = $path . urldecode($_REQUEST['video
header('Content-type: video/quicktime');
header('Content-Dispositio
readfile($from_name);
?>