
Filename-Header, encrypting "file"-param for readfile.php

Moritz Schmidt 9 lat temu
rodzic
commit
9de83e7812
6 zmienionych plików z 23 dodań i 7 usunięć
  1. 2 1
      inc/config.inc.php.dist
  2. 9 0
      inc/model.php
  3. 7 2
      readfile.php
  4. 2 2
      templates/episode.php
  5. 2 2
      templates/movie.php
  6. 1 0
      test.php

+ 2 - 1
inc/config.inc.php.dist

@@ -5,7 +5,8 @@ $CONF = array(
   "dbUser" => "user",
   "dbPass" => "pass",
   "dbName" => "dbName",
-  "baseURL" => "/"
+  "baseURL" => "/",
+  "encKey" => "superSecretKey" // 16, 24 or 32 key
 
 );
 $GLOBALS['conf'] = $CONF;
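Review bot: The sample value `"superSecretKey"` on the added `encKey` line is 14 characters long, so it does not match the 16/24/32 sizes the comment asks for, and newer mcrypt builds refuse keys of an unsupported size instead of padding them. Because this is the `.dist` template, any install that copies it unchanged also ends up with a key that is public in the repository. I would ship an empty value and make the comment explicit, e.g. `"encKey" => "" // REQUIRED: 32 random bytes, unique per install`, and have the code fail loudly when the key is empty or the wrong length.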

+ 9 - 0
inc/model.php

@@ -63,5 +63,14 @@ class Model {
 
 		return $source[0]['path'] . "/" . $movie[0]['path'];
 	}
+
+	public static function encryptText($text) {
+        return trim(base64_encode(mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $GLOBALS['conf']['encKey'], $text, MCRYPT_MODE_ECB, mcrypt_create_iv(mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_ECB), MCRYPT_RAND))));
+  }
+
+  public static function decryptText($text) {
+        return trim(mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $GLOBALS['conf']['encKey'], base64_decode($text), MCRYPT_MODE_ECB, mcrypt_create_iv(mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_ECB), MCRYPT_RAND)));
+  }
+
 }
 ?>
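Review bot: `encryptText()` and `decryptText()` use Rijndael-256 in ECB mode with no integrity check, so `decryptText()` returns whatever bytes any modified or malformed token happens to decrypt to, and readfile.php then treats that result as a file path. ECB ignores the IV, so the `mcrypt_create_iv(..., MCRYPT_RAND)` argument has no effect, and `trim()` removes the zero padding but also any genuine leading or trailing whitespace in the path. mcrypt was deprecated in PHP 7.1 and removed from core in 7.2, so this code will not run on a current runtime. An authenticated mode from the openssl extension, as sketched below, rejects tampered tokens by returning `false`, which the caller must then check; it assumes `encKey` holds 32 random bytes. The `Model` class starts outside this hunk.

```php
public static function encryptText($text) {
    $nonce = random_bytes(12);
    $cipher = openssl_encrypt($text, 'aes-256-gcm', $GLOBALS['conf']['encKey'], OPENSSL_RAW_DATA, $nonce, $tag);
    // nonce (12 bytes) + tag (16 bytes) + ciphertext travel together in one token
    return base64_encode($nonce . $tag . $cipher);
}

public static function decryptText($text) {
    $raw = base64_decode($text, true);
    if ($raw === false || strlen($raw) < 28) {
        return false;
    }
    // returns false when the tag does not verify, i.e. the token was altered
    return openssl_decrypt(substr($raw, 28), 'aes-256-gcm', $GLOBALS['conf']['encKey'], OPENSSL_RAW_DATA, substr($raw, 0, 12), substr($raw, 12, 16));
}
```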

+ 7 - 2
readfile.php

@@ -1,4 +1,7 @@
 <?php
+
+require('inc/config.inc.php');
+require('inc/model.php');
 /**
  * Description of VideoStream
  *
@@ -36,7 +39,9 @@ class VideoStream
     private function setHeader()
     {
         ob_get_clean();
-        header("Content-Type: video/mp4");
+        $splitted = explode('/', $this->path);
+        header("Content-Type: application/x-download");
+        header('Content-Disposition: attachment; filename="' . $splitted[sizeof($splitted) - 1] . '"');
         header("Cache-Control: max-age=2592000, public");
         header("Expires: ".gmdate('D, d M Y H:i:s', time()+2592000) . ' GMT');
         header("Last-Modified: ".gmdate('D, d M Y H:i:s', @filemtime($this->path)) . ' GMT' );
@@ -126,5 +131,5 @@ class VideoStream
     }
 }
 
-$stream = new VideoStream(base64_decode(urldecode($_GET['file'])));
+$stream = new VideoStream(Model::decryptText(base64_decode(urldecode($_GET['file']))));
 $stream->start();
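Review bot: On the changed `new VideoStream(...)` line, the result of `Model::decryptText()` is passed on as a path without checking that decryption produced a usable value or that the path lies inside a configured media source. Since the cipher gives no integrity guarantee, resolve and confine the path before streaming, e.g. `$path = realpath($decoded); if ($path === false || strpos($path, $mediaRoot . '/') !== 0) { http_response_code(404); exit; }`, where `$mediaRoot` is a placeholder for the source directory this project keeps in its database. In `setHeader()`, the filename is interpolated into `Content-Disposition` unescaped; `addcslashes(basename($this->path), '"\\')` would keep a quote in a file name from breaking the header. The `urldecode()` call is redundant because PHP already decodes `$_GET`, and the second pass turns a `+` in the base64 text into a space. Most of the `VideoStream` class lies outside these hunks.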

+ 2 - 2
templates/episode.php

@@ -2,13 +2,13 @@
   <h1><?php echo $this->_['episode'][0]['number'] . " - " . $this->_['episode'][0]['name']; ?></h1>
   <div class="row text-center">
     <p>
-      <a href="<?php echo $GLOBALS['conf']['baseURL']; ?>readfile.php?file=<?php echo urlencode(base64_encode($this->_['videoFile'])); ?>">Download</a> | <input type="text" value="https://bridge.mmnx.de/videos/readfile.php?file=<?php echo urlencode(base64_encode($this->_['videoFile'])); ?>" /> <sub>Kopieren für Wiedergabe in Medienplayer (Netzwerkstream)</sub>
+      <a href="<?php echo $GLOBALS['conf']['baseURL']; ?>readfile.php?file=<?php echo urlencode(base64_encode(Model::encryptText($this->_['videoFile']))); ?>">Download</a> | <input type="text" value="https://bridge.mmnx.de/videos/readfile.php?file=<?php echo urlencode(base64_encode(Model::encryptText($this->_['videoFile']))); ?>" /> <sub>Kopieren für Wiedergabe in Medienplayer (Netzwerkstream)</sub>
     </p>
   </div>
   <div class="row">
     <div style="background: gray; text-align: center;">
       <video width="auto" height="auto" controls>
-        <source src="<?php echo $GLOBALS['conf']['baseURL']; ?>readfile.php?file=<?php echo urlencode(base64_encode($this->_['videoFile'])); ?>" type="video/mp4">Your browser does not support the video tag.</video>
+        <source src="<?php echo $GLOBALS['conf']['baseURL']; ?>readfile.php?file=<?php echo urlencode(base64_encode(Model::encryptText($this->_['videoFile']))); ?>" type="video/mp4">Your browser does not support the video tag.</video>
     </div>
   </div>
 </div>
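Review bot: The expression `urlencode(base64_encode(Model::encryptText($this->_['videoFile'])))` is repeated three times in this template and three more times in templates/movie.php, and it base64-encodes a value that `encryptText()` has already base64-encoded. Computing it once at the top, e.g. `<?php $fileToken = urlencode(base64_encode(Model::encryptText($this->_['videoFile']))); ?>`, and echoing `$fileToken` keeps the three links in sync; the double encoding can be dropped if the matching outer `base64_decode()` in readfile.php is removed in the same change. As far as these hunks show, the token has no expiry or user binding, so a copied "Netzwerkstream" link stays valid for as long as the key does; it is worth confirming that this is intended. The copy field also hard-codes `https://bridge.mmnx.de/videos/` instead of using `$GLOBALS['conf']['baseURL']` like the other two links.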

+ 2 - 2
templates/movie.php

@@ -2,13 +2,13 @@
   <h1><?php echo $this->_['movie'][0]['name']; ?></h1>
   <div class="row text-center">
     <p>
-      <a href="<?php echo $GLOBALS['conf']['baseURL']; ?>readfile.php?file=<?php echo urlencode(base64_encode($this->_['videoFile'])); ?>">Download</a> | <input type="text" value="https://bridge.mmnx.de/videos/readfile.php?file=<?php echo urlencode(base64_encode($this->_['videoFile'])); ?>" /> <sub>Kopieren für Wiedergabe in Medienplayer (Netzwerkstream)</sub>
+      <a href="<?php echo $GLOBALS['conf']['baseURL']; ?>readfile.php?file=<?php echo urlencode(base64_encode(Model::encryptText($this->_['videoFile']))); ?>">Download</a> | <input type="text" value="https://bridge.mmnx.de/videos/readfile.php?file=<?php echo urlencode(base64_encode(Model::encryptText($this->_['videoFile']))); ?>" /> <sub>Kopieren für Wiedergabe in Medienplayer (Netzwerkstream)</sub>
     </p>
   </div>
   <div class="row">
     <div style="background: gray; text-align: center;">
       <video width="auto" height="auto" controls>
-        <source src="<?php echo $GLOBALS['conf']['baseURL']; ?>readfile.php?file=<?php echo urlencode(base64_encode($this->_['videoFile'])); ?>" type="video/mp4">Your browser does not support the video tag.</video>
+        <source src="<?php echo $GLOBALS['conf']['baseURL']; ?>readfile.php?file=<?php echo urlencode(base64_encode(Model::encryptText($this->_['videoFile']))); ?>" type="video/mp4">Your browser does not support the video tag.</video>
     </div>
   </div>
 </div>

+ 1 - 0
test.php

@@ -0,0 +1 @@
+<?php phpinfo(); ?>
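Review bot: This commit adds a web-reachable `test.php` whose only content is `phpinfo()`, which shows the PHP configuration, loaded modules, environment variables and server paths to anyone who requests it. It looks like a leftover debugging aid, presumably used to check that mcrypt is loaded. It should be dropped from the commit, or at least kept out of the deployed document root.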