Hi Friend,
Try This.... I was moved by your question and I dived into the deep ocean of coding and I took out this beautiful pearl for you. Tell me if it worked for you as per your requirement or not. Also, do rate my answer. Happy Coding :)
Here's my solution.. this is what I call two layer security and is unbreakable (according to me)... Try it...
<?php
session_start();
session_regenerate_id();
$_SSEION['setToken'] = true;
$token = "vid.mp4";
$token_encrypted = openssl_encrypt($token, "aes128", session_id());
?>
<video width="320" height="240" controls="">
<source src="video.php?vid=<?php echo $token_encrypted; ?>">
</source></video>
<?php
session_start();
$token = $_GET['vid'];
$prev= session_id();
if(isset($_SESSION['setToken']))
{
unset($_SESSION['setToken']);
$token = openssl_decrypt($token, "aes128", session_id());
session_regenerate_id();
$token = openssl_encrypt($token, "aes128", $prev.session_id());
}
else
{
session_regenerate_id(true);
}
header("Location: access.php?id=".$prev."&vid=".$token);
?>
session_start();
$token = openssl_decrypt($_GET['vid'], "aes128", $_GET['id'].session_id());
if(file_exists("videos/".$token))
{
session_regenerate_id(true);
$file = $token;
$file_size = filesize($file);
$file_pointer = fopen($file, "rb");
$data = fread($file_pointer, $file_size);
header("Content-type: video/mp4");
echo $data;
}
else {
echo "Error: File Does not exists";
}
I hope that this complete example will help you attain the results you want to achieve. And Thank you very much for such a nice riddle.
With Regards
Tushar Srivastava