Peivasteh wrote:
Hi
Anybody can help who know PHP .
I want you to have look at this site first.
http://www.bigshotmedia.com
How this site use PHP to protect swf files to not download to cashin
temparary folder.
Anybody knows about this how PHP works or what is PHP script.
Thanks
Behzad Peivasteh
You can never stop people from getting your .swf file.
At the end of the day, the browser will always receive a link to the
..swf file which they can just use a downloading program like wget to
fetch (or create a link in a HTML page and do "Save linked target as...").
Caching or no caching, Mozilla allows you to save ALL page attachments
through it's "page info" dialog box (gotta love Mozilla).
The best thing you can do is create a "shell" .swf file which makes
internal calls to the "main" .swf file when it runs [in the users
browser]. That means it doesn't matter if people download the .swf file
pointed to by the HTML, because they will only have the shell.
If someone was "really" keen, they could probably sniff the wire to see
what calls the shell .swf file was making and then duplicate the calls
to fetch all the component .swf file, but that would require a lot of
effort.
The other thing you can do to make it still harder, is to have the href
point to a php file with a session id (or some other key). The php file
then does something like
<?php // make sure no whitespace precedes the opener
if(is_valid_session($_REQUEST["sessid"])) {
header("Content-Type: application/swf;"); // I'm guessing this.
$fh = fopen($the_real_swf_location,"r");
fpassthru($fh);
fclose($fh);
die();
}
?>
<div class="warning">Oh no you don't...</div>
Of course, in the above example, you have to define the function
is_valid_session() and you have to populate the variable
$the_real_swf_location
