RewriteEngine On # set allowed referer. Replace "coursesweb" with your domain name RewriteCond %{HTTP_REFERER} !^$ RewriteCond %{HTTP_REFERER} !^http://(www\.)?coursesweb.net [NC] RewriteRule .(flv|mp4|ogg|mp3) / [NC,L] # Redirect URL for files specified above, to a PHP file RewriteRule ^/(vi|au)_([^\.]+\.(flv|mp4|ogg|mp3))$ redirect_va.php?fn=$2&tp=$1 [NC,L] # Blocks the external access to dirsuffix.txt <files dirsuffix.txt> order allow,deny deny from all </files>
<?php // Prevent Hotlinking video /audio - https://coursesweb.net/php-mysql/ session_start(); $fstore = 'dirsuffix.txt'; // file to register: suffix^timestamp $base_dir_vi = 'video'; // basename for directory with videos $base_dir_au = 'audio'; // basename for directory with audios // array with values used to form /change directory name $suffix = array('xyz5', 'de18', 'ab85', 'ju7k', 'w2er', 'hws8', 'bnji', 'hgdmar'); // check if session "getva" exists, and URL with GET "fn", and "tp" (redirected from .htaccess) if(isset($_SESSION['getva']) && isset($_GET['fn']) && isset($_GET['tp'])) { // removes tags from data in GET, and gets the name and the indice for type $_GET = array_map("strip_tags", $_GET); $fname = trim($_GET['fn']); $ftype = trim($_GET['tp']); // get the basename for directory name, for video or audio, acording to $ftype $dir = ($ftype == 'vi') ? $base_dir_vi : $base_dir_au; // read the TXT file, separate suffix and timestamp $ardata = file($fstore, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES); $pf_tm = explode('^', $ardata[0]); $sfx = $pf_tm[0]; // if data older than 60 min, choose /get random a new suffix to form the directory name if(($pf_tm[1] + 3600) < time()) { $isf = array_rand($suffix, 1); $sfx = $suffix[$isf]; if($sfx == $pf_tm[0]) $sfx = 'files'; // if it's the same suffix, set 'files' // register the new suffix^timestamp in the TXT file if(file_put_contents($fstore, $sfx.'^'.time())) { // checks if the directories for video and audio exists, and rename them if(is_dir($base_dir_vi.$pf_tm[0])){ rename($base_dir_vi.$pf_tm[0], $base_dir_vi.$sfx); } if(is_dir($base_dir_au.$pf_tm[0])){ rename($base_dir_au.$pf_tm[0], $base_dir_au.$sfx); } } } header('Location: '. $dir.$sfx. '/'. $fname); // redirect to the requested file } ?>
<video controls="controls"width="200" height="150"> <source src="vi_video_filename.mp4" type="video/mp4" /> <source src="vi_video_filename.ogg" type="video/ogg" /> Video not playing? <a href="vi_video_filename.mp4">Download file</a> instead. </video>
<audio controls="controls"> <source src="au_audio_filename.ogg" type="audio/ogg" /> <source src="au_audio_filename.mp3" type="audio/mp3" /> Your browser does not support the audio tag, <a href="au_audio_filename.mp3">Download file</a> instead. </audio>These prefixes must be added only to the file name in player, not to files on server. The file name on the server will be, for example: "video_filename.mp4", without "vi_".
Notice that the directory name isn't added in the player, so, the user can't see the location of the files. .htaccess will redirect to the PHP script ("redirect_va.php"), that will redirect to the location of the file.
<?php // Prevent Hotlinking video /audio - https://coursesweb.net/php-mysql/ $fstore = 'dirsuffix.txt'; // file to register: suffix^timestamp $base_dir_vi = 'video'; // basename for directory with videos $base_dir_au = 'audio'; // basename for directory with audios // array with values used to form /change directory name $suffix = array('xyz5', 'de18', 'ab85', 'ju7k', 'w2er', 'hws8', 'bnji', 'hgdmar'); // check if URL with GET "fn", and "tp" (redirected from .htaccess) if(isset($_GET['fn']) && isset($_GET['tp'])) { // removes tags from data in GET, and gets the name and the indice for type $_GET = array_map("strip_tags", $_GET); $fname = trim($_GET['fn']); $ftype = trim($_GET['tp']); // get the basename for directory name, for video or audio, acording to $ftype $dir = ($ftype == 'vi') ? $base_dir_vi : $base_dir_au; // read the TXT file, separate suffix and timestamp $ardata = file($fstore, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES); $pf_tm = explode('^', $ardata[0]); $sfx = $pf_tm[0]; // if data older than 60 min, choose /get random a new suffix to form the directory name if(($pf_tm[1] + 3600) < time()) { $isf = array_rand($suffix, 1); $sfx = $suffix[$isf]; if($sfx == $pf_tm[0]) $sfx = 'files'; // if it's the same suffix, set 'files' // register the new suffix^timestamp in the TXT file if(file_put_contents($fstore, $sfx.'^'.time())) { // checks if the directories for video and audio exists, and rename them if(is_dir($base_dir_vi.$pf_tm[0])){ rename($base_dir_vi.$pf_tm[0], $base_dir_vi.$sfx); } if(is_dir($base_dir_au.$pf_tm[0])){ rename($base_dir_au.$pf_tm[0], $base_dir_au.$sfx); } } } header('Location: '. $dir.$sfx. '/'. $fname); // redirect to the requested file } ?>
<embed src="flash_game.swf" width="450" height="350" />
#id:first-line { font-weight: bold; color: blue; }
var url = window.location; alert(url);
$homepage = file_get_contents("http://coursesweb.net/"); echo $homepage;