I have a wordpress paid video site with the e-commerce plugin. User purchases a video, then gets shown a meta box with the video player code linking to the video (using flow player 3). How can I stop access to the paid video files to non-authorized users (if they decide to share the direct link to the video by looking at the source code)?
you need protect this content for that session (and ip), using some technique like security token.
http://code.google.com/p/mod-auth-token/
Here are a few plugins that might help you with your problem.
http://www.magicmembers.com/
http://wordpress.org/extend/plugins/membership/
http://www.memberwing.com/
Related
I research about encryption/decryption mechanism & found many solutions like AES Encryption/Decryption. But, I want to secure my video just like videos secured in Hotstar, IMDB, Amazon Prime etc. For this I got a solution related to DRM mechanism. I understood its working process but, how it will be integrated from php side & connect it with mobile apps. Is there any other way to achieve security like apps that are mentioned above.
This is not an encryption question.
It's an authorization question.
I suggest using some login mechanism. like wordpress/drupal have.
The first user will share the video to his friend (his friend email address)
The friend gets an invitation email, to register an account and watch the video.
The friend, register with the account, and logs in.
in the page "Videos shared with me" he can see videos that the original sharer, shared with this particular e-mail address. (this information comes from some database)
Now for the streaming part,
make sure that the folder you hold the videos is not accessible from the internet. (some other folder, higher than public_html or use .htaccess on a private folder to restrict access directly.)
when viewing the page "Videos shared with me" generate a link to the video that goes to your PHP controller. something like www.mywebsite.com/watchvideo/620
when someone asks this video, you check if this person is logged in, and his account has access to this video again. if so, stream the video with the php buffer. learn more about: php output buffering and stream the video using readfile
If you find this answer helpful, consider to accept it.
I have to build an application where users can download videos from a site but cannot share them. My first solution is to save these files in a hidden location on the users computer since one of the requirements is that the user should be able to watch the downloaded videos offline.
Please how do I go about saving a file in a location the user cannot see using php.
Thanks.
One solution is to generate token for each request for a video. That token would have its lifetime. Php script should be serving the content instead of giving direct access to resource to user. The script should check if the token is still active before serving the content.
It is up to you how to pass the token. The simplest way is to make it contained in uri.
No matter where you put your videos in your directory structure, you always send the data as a partial request. Once data is acquired by the user, it could be saved an reproduced.
There are techniques, however, to protect your video from direct download through curl, wget or other ways of download. And this is using a secure token and an expiration, passed as parameters. This way your video download window will be limited and generating the token manually would be pretty hard.
Chidiebere Onwunyirigbo, its a Great Question. One solution for your requirement is Steganography. It is the process of concealing your data (videos) behind other files (multimedia files like image, audio, video), in your case preferable would be Image Steganography. It is quite a old technology but new to many, you can get several ready tools/code for it on the internet which you can customize as per your need. From your side you have to provide the file that is already embedded inside the image for download. Only the tool coded for retrieval and rendering the hidden video can render your video. So, for this part all the users of your site have to first download this desktop application from your site for viewing the video. This will keep your videos safe on the users computer offline, because every user who takes the video will require the reverse steganography tool to be downloaded from your site. You can even embed secret info like users IP inside the Stego image along with the video and for each tool download, associate user computer's IP with the tool. If IP embedded inside Stego image matches with that of tool only then you allow to play else redirect application to get it registered. But the limitation would be that, the users will have to download your application and will be able to view videos only on your desktop application which will render the Steganographed video.
You cannot hide information on the user computer. Even if your process are running on a windows comp as SYSTEM user, a power user can take ownership of the files.
The only solution you have, are developing or using a known DRM system, for allowing only playing the video on a determined computer or another specifications (for example, if the program have the authentication token of some user).
At any case, you need to do two things for this:
- You need a custom application to play the video, if you want to check DRM.
- You need to recode / modify something on the video before download, for adding on them a code for allow only play on the destination computer or data used for authenticating DRM.
Is there any way from which i can obfuscate my video url or video link ? I am embedding video in <video> of html 5. I have disabled right click of the page using jquery. But still user can download video thru download manager. I want to restrict it. How can i do it?
My website is in Opencart 2
If the user can view the video, you CAN'T restrict the download.
As a side note, any attempts to restrict user access to elements that he/she can see or interact are a waste of time, any savvy user will bypass them easily.
I found this, but it is kinda confusing, and doesn't answer the question for me. I'm looking to upload images from my website to a Facebook page (my code works for users pages, not company pages), if there is a way to do it without having to make an application, I'd like that, but from what I've seen, that's not possible.
My code is here: http://pastebin.com/wBp1AQwG
Your link doesn't appear to go anywhere useful, I'm afraid.
Nonetheless, I'm guessing your problem here is that you need to use a Page access token not a user access token to publish to a page rather than a user feed.
See the section on Page Access Tokens at https://developers.facebook.com/docs/reference/api/page/
I've figured it out, here is a basic outline of the process for posting an image to an album that you own on a fanpage.
Get user authenticated
Get users accounts
Get albums, or create them
Post to the id of the album (ALBUM_ID/photos) with the image
It's pretty simple once I figured out the basics of the api.
I have made a website on which a user has to log in using a username and password. I have seen these in so many website, we can connect through facebook account. And I want to add the same to my web site. How is it possible,using php sdk or the javascript sdk?
The team at Facebook has spent considerable time documenting this, I would suggest you start there:
http://developers.facebook.com/docs/guides/web#login
http://developers.facebook.com/docs/authentication/
If possible, I would do like dracolytch writes here and create a level of abstraction for both OpenID and Facebook. He is willing to share his code.
Those links are what Facebook likes to call "Badges." Go to your profile. Scroll all the way to the bottom. On the lower left hand column you should see a link that says "Create Profile Badge." Click that. From there you can edit a Badge to show the info you'd like. At the end, it will give you some html code that you can copy and paste into another website or blog. When people click on your Badge, they will get sent directly to your Facebook info box.
Source(s):
http://www.facebook.com/badges.php