Welcome Guest, Not a member yet? Register   Sign In
CodeIgniter Forums Archived Discussions Archived Development & Programming How can I show SWF file from a folder outside the docroot for security
How can I show SWF file from a folder outside the docroot for security
  • El Forum
    Guest
  •  
#1
12-21-2007, 02:43 PM

[eluser]spheroid[/eluser]
I currently have a page which launches a SWF file in a new window. For security purposes, I don't want the SWFs inside the docroot so someone can't grab the files. In testing this, Firefox will load them, but IE takes a bit, and the progress meter of the SWF file (Loading...) takes a bit to come up. Tested in Firefox 2 and IE 6. I'm using code to load the file contents and send header info for the file. Another issue is that if I do it this way, I can't put the SWF with anything else on the page.

Usage: The URL launched would be: http://mysite/assets/servevideo/293

Controller:

Code:
<?php

class Assets extends MY_Controller {
    
    function __construct()
    {
        parent::MY_Controller();
        //$this->output->enable_profiler(TRUE);
    }
    
    function _downloadHeaders($filename,$filesize)
    {
        // $mode: D = force download, I = attempt inline
        $type = $this->_getMimeType($filename);
        session_start();
        //header('Content-Disposition: inline; filename="'.$filename.'"');
        header('Content-type: '.$type);
        header("Expires: Thu, 01 Jan 1970 00:00:00 GMT, -1 ");
        header("Cache-Control: cache, must-revalidate");
        header("Pragma: cache");
    }

    function _getMimeType($file)
    {
        $nameArr = explode('.',$file);
        $ext = $nameArr[(count($nameArr) - 1)];
        switch(strtolower($ext))
        {
            case 'swf':
                $type = 'application/x-shockwave-flash';
                break;
            case 'fla':
                $type = 'application/octet-stream';
                break;
            default:
                $type = 'application/octet-stream';
                break;
        }
        return $type;
    }

    function _readfile_chunked($filename,$retbytes=true)
    {
        $chunksize = 1*(1024*1024); // how many bytes per chunk
        $buffer = '';
        $cnt =0;
        // $handle = fopen($filename, 'rb');
        $handle = fopen($filename, 'rb');
        if ($handle === false)
        {
            return false;
        }
        while (!feof($handle))
        {
            $buffer = fread($handle, $chunksize);
            echo $buffer;
            ob_flush();
            flush();
            if ($retbytes)
            {
                $cnt += strlen($buffer);
            }
        }
        $status = fclose($handle);
        if ($retbytes && $status)
        {
            return $cnt; // return num. bytes delivered like readfile() does.
        }
           return $status;
    }    
    
    function servevideo()
    {
        $video_id = $this->uri->segment(3);
        //Check access
        
        //If allowed, figure where real video is from video_id
        $video_dir = "/path/to/swf_files/outside_docroot/";
        
        $this->load->model('Attend_model', '', TRUE);
        $data['VideoInfo'] = $this->Attend_model->findVideo($video_id);
        
        foreach ($data['VideoInfo']->result() as $Video)
        {
            $file_name = $Video->file_name;
            $width = $Video->width;
            $height = $Video->height;
        }
        
        $filename = $video_dir . $file_name . ".swf";
        
        $filesize = filesize($filename);
        
        $this->_downloadHeaders($filename,$filesize);
        $this->_readfile_chunked($filename);
    }    
    
}
?>




Theme © iAndrew 2016 - Forum software by © MyBB