Re: [PHP] How to secure this

2010-02-13 Thread John Allsopp
Robert Cummings wrote: Ashley Sheridan wrote: On Fri, 2010-02-12 at 16:12 -0500, Robert Cummings wrote: John Allsopp wrote: Hi everyone There may be blinding bits of total ignorance in this so don't ignore the obvious. This is a security question, but a sentence of background: I'm

Re: [PHP] How to secure this

2010-02-13 Thread tedd
At 12:36 PM + 2/13/10, John Allsopp wrote: Sorted, I think .. unless you spot any faulty reasoning in the above. Thanks very much guys :-) The faulty reasoning is that you want to provide something to a select group of people but are exposing it to the world. That's not going to work.

Re: [PHP] How to secure this

2010-02-13 Thread Robert Cummings
John Allsopp wrote: Robert Cummings wrote: Ashley Sheridan wrote: On Fri, 2010-02-12 at 16:12 -0500, Robert Cummings wrote: John Allsopp wrote: Hi everyone There may be blinding bits of total ignorance in this so don't ignore the obvious. This is a security question, but a sentence of

Re: [PHP] How to secure this

2010-02-13 Thread Michael A. Peters
John Allsopp wrote: Well no they are not logged in, it's just an embedded iframe so that's my main issue with my method, anyone could look at the web page source, pinch the URL of the iframe and they'd have the username and password. I think the only way to do it is to make a key per

Re: [PHP] How to secure this

2010-02-13 Thread Michael A. Peters
Michael A. Peters wrote: John Allsopp wrote: Well no they are not logged in, it's just an embedded iframe so that's my main issue with my method, anyone could look at the web page source, pinch the URL of the iframe and they'd have the username and password. I think the only way to do it

[PHP] How to secure this

2010-02-12 Thread John Allsopp
Hi everyone There may be blinding bits of total ignorance in this so don't ignore the obvious. This is a security question, but a sentence of background: I'm writing software for a mapping/location website and I want to be able to provide something others can plug into their website that

Re: [PHP] How to secure this

2010-02-12 Thread Robert Cummings
John Allsopp wrote: Hi everyone There may be blinding bits of total ignorance in this so don't ignore the obvious. This is a security question, but a sentence of background: I'm writing software for a mapping/location website and I want to be able to provide something others can plug into

Re: [PHP] How to secure this

2010-02-12 Thread Ashley Sheridan
On Fri, 2010-02-12 at 16:12 -0500, Robert Cummings wrote: John Allsopp wrote: Hi everyone There may be blinding bits of total ignorance in this so don't ignore the obvious. This is a security question, but a sentence of background: I'm writing software for a mapping/location

Re: [PHP] How to secure this

2010-02-12 Thread Robert Cummings
Ashley Sheridan wrote: On Fri, 2010-02-12 at 16:12 -0500, Robert Cummings wrote: John Allsopp wrote: Hi everyone There may be blinding bits of total ignorance in this so don't ignore the obvious. This is a security question, but a sentence of background: I'm writing software for a

Re: [PHP] How to secure this

2010-02-12 Thread Ryan Sun
authenticate by remote domain name or remote ip $_SERVER['HTTP_REFERER'] then your clients will not have to put their username/password in clear text http://www.mydomain.com?h=300&w=250 and you will just check if you have their domain on your list I'm not sure if there is better one but

Re: [PHP] How to secure this

2010-02-12 Thread Ashley Sheridan
On Fri, 2010-02-12 at 18:25 -0500, Ryan Sun wrote: authenticate by remote domain name or remote ip $_SERVER['HTTP_REFERER'] then your clients will not have to put their username/password in clear text http://www.mydomain.com?h=300&w=250 and you will just check if you have their domain on

Re: [PHP] How to secure this

2010-02-12 Thread Ryan Sun
In that case, referer is for authentication, and id is for authorization, I think On Fri, Feb 12, 2010 at 6:23 PM, Ashley Sheridan a...@ashleysheridan.co.uk wrote: On Fri, 2010-02-12 at 18:25 -0500, Ryan Sun wrote: authenticate by remote domain name or remote ip $_SERVER['HTTP_REFERER']

Re: [PHP] How to secure this

2010-02-12 Thread Eric Lee
On Sat, Feb 13, 2010 at 7:33 AM, Ryan Sun ryansu...@gmail.com wrote: In that case, referer is for authentication, and id is for authorization, I think On Fri, Feb 12, 2010 at 6:23 PM, Ashley Sheridan a...@ashleysheridan.co.uk wrote: On Fri, 2010-02-12 at 18:25 -0500, Ryan Sun wrote:

Re: [PHP] How to secure Flash Video? [Solved?]

2008-01-06 Thread Miles Thompson
Tedd, As Casey noted, there's no totally secure methodology, but yours is close enough - everything is wrapped in the Flash movie, so even if the movie is sent on to someone else, that someone has to be approved. We've been doing something similar for several years now, validating against a

[PHP] How to secure Flash Video?

2008-01-04 Thread tedd
Hi gang: Here's the problem. I have a client who has Flash Videos and wishes to rent these Videos out for a certain time period. (No, it's not porn -- shame on you). I have written the code and have NO problems with registering the user, having the user pay, and managing user's time to

Re: [PHP] How to secure Flash Video?

2008-01-04 Thread Robert Cummings
On Fri, 2008-01-04 at 12:58 -0500, tedd wrote: Hi gang: Here's the problem. I have a client who has Flash Videos and wishes to rent these Videos out for a certain time period. (No, it's not porn -- shame on you). Bah! I have written the code and have NO problems with registering the

Re: [PHP] How to secure Flash Video?

2008-01-04 Thread tedd
At 1:08 PM -0500 1/4/08, Daniel Brown wrote: On Jan 4, 2008 12:58 PM, tedd [EMAIL PROTECTED] wrote: Now, how can I stop that from happening? You could do link expirations with an auto-generated URL to mask the actual location, or could even create a dynamic symlink or copy on the server

Re: [PHP] How to secure Flash Video?

2008-01-04 Thread Daniel Brown
On Jan 4, 2008 1:30 PM, tedd [EMAIL PROTECTED] wrote: At 1:08 PM -0500 1/4/08, Daniel Brown wrote: On Jan 4, 2008 12:58 PM, tedd [EMAIL PROTECTED] wrote: Now, how can I stop that from happening? You could do link expirations with an auto-generated URL to mask the actual location, or

Re: [PHP] How to secure Flash Video?

2008-01-04 Thread Robert Cummings
On Fri, 2008-01-04 at 13:29 -0500, tedd wrote: At 1:09 PM -0500 1/4/08, Robert Cummings wrote: On Fri, 2008-01-04 at 12:58 -0500, tedd wrote: Hi gang: Here's the problem. I have a client who has Flash Videos and wishes to rent these Videos out for a certain time period. (No, it's

Re: [PHP] How to secure Flash Video?

2008-01-04 Thread tedd
At 1:09 PM -0500 1/4/08, Robert Cummings wrote: On Fri, 2008-01-04 at 12:58 -0500, tedd wrote: Hi gang: Here's the problem. I have a client who has Flash Videos and wishes to rent these Videos out for a certain time period. (No, it's not porn -- shame on you). Bah! I have written the

Re: [PHP] How to secure Flash Video?

2008-01-04 Thread Daniel Brown
On Jan 4, 2008 12:58 PM, tedd [EMAIL PROTECTED] wrote: Hi gang: Here's the problem. I have a client who has Flash Videos and wishes to rent these Videos out for a certain time period. (No, it's not porn -- shame on you). I stopped reading at this point, due to lack of interest.

Re: [PHP] How to secure Flash Video?

2008-01-04 Thread tedd
At 1:54 PM -0500 1/4/08, Robert Cummings wrote: On Fri, 2008-01-04 at 13:29 -0500, tedd wrote: Rob: I have all of that logic in place now. Then what is the problem? or do you mean you don't want the same user to view the item while logged in at some point in the future? If so then use a

Re: [PHP] How to secure Flash Video?

2008-01-04 Thread Robert Cummings
On Fri, 2008-01-04 at 14:43 -0500, tedd wrote: At 1:54 PM -0500 1/4/08, Robert Cummings wrote: On Fri, 2008-01-04 at 13:29 -0500, tedd wrote: Rob: I have all of that logic in place now. Then what is the problem? or do you mean you don't want the same user to view the item while

Re: [PHP] How to secure Flash Video?

2008-01-04 Thread Daniel Brown
On Jan 4, 2008 3:12 PM, Robert Cummings [EMAIL PROTECTED] wrote: It's simple, the URL should NOT directly point to the flash. It should point to a PHP wrapper script. The wrapper script then allows you to do any kind of checking necessary to restrict viewing of the video. This can include:

Re: [PHP] How to secure Flash Video?

2008-01-04 Thread Robert Cummings
On Fri, 2008-01-04 at 15:27 -0500, Daniel Brown wrote: On Jan 4, 2008 3:12 PM, Robert Cummings [EMAIL PROTECTED] wrote: It's simple, the URL should NOT directly point to the flash. It should point to a PHP wrapper script. The wrapper script then allows you to do any kind of checking

Re: [PHP] How to secure Flash Video? [Solved?]

2008-01-04 Thread tedd
Hi gang: Here's my logic, so what's wrong with it? My sole concern here is to protect a Video from being stolen and/or being viewed remotely while allowing approved users to view it. It is a fact that anything you present to a user is theirs. There's no stopping them from downloading a

Re: [PHP] How to secure Flash Video? [Solved?]

2008-01-04 Thread Casey
On Jan 4, 2008 9:16 PM, tedd [EMAIL PROTECTED] wrote: Hi gang: Here's my logic, so what's wrong with it? My sole concern here is to protect a Video from being stolen and/or being viewed remotely while allowing approved users to view it. It is a fact that anything you present to a user is

[PHP] How to secure site?

2003-06-20 Thread Andrew Afliatunov
Hello! I have an Apache web-server with PHP-4.3.2 installed. Directory structure of my DocRoot is as follows: www/ docs/ tm/ tts/ cache/ lib/ index.html docs, tm, tts are directories of projects, published through ftp by different people, lib - common directory, containing

Re: [PHP] How to secure site?

2003-06-20 Thread Marek Kilimajer
Andrew Afliatunov wrote: Other way - I can turn on safe_mode and include www/lib in safe_mode_include_dir. In this case projects will be able to include scripts from lib, BUT won't be able to create files in cache because scripts and cache have different owners. Go this way, but create a

Re: [PHP] How to secure a download ?

2003-06-01 Thread Alex Earl
header('Content-type: application/zip'); header('Content-Disposition: attachment; filename=yourfilename.zip'); readfile('/path/to/yourfilename.zip'); I have found that to make sure it works with all browsers you want to put quotes around the filename in the content-disposition header. header(

[PHP] How to secure a download ?

2003-05-31 Thread Vincent M.
Hello, Is there any way to launch a download of a Zip file to the user without a link? The user must not know where the file is on the server. The transfer of the file must be made by a php file with special headers, no? header('Content-type: zip'); or something... Thanks. -- PHP General

Re: [PHP] How to secure a download ?

2003-05-31 Thread Evan Nemerson
header('Content-type: application/zip'); header('Content-Disposition: attachment; filename=yourfilename.zip'); readfile('/path/to/yourfilename.zip'); On Friday 30 May 2003 03:34 pm, Vincent M. wrote: Hello, Is there any way to launch a download of a Zip file to the user without a link. The user