[thelist] Preventing direct access while allowing PHP script access

Ricky Zhou ricky.zhou at gmail.com
Mon Mar 27 16:37:08 CST 2006

> I have a bunch of SWF files, just say at "http://www.domain.com/swf/".
> Now, I want my PHP script, eg, something like
> "http://www.domain.com/swf_me_up.php?filename=someswf" to be able to
> access these, obviously. However, I want to prevent people from simply
> typing in something like "http://www.domain.com/swf/someswf.swf" and
> accessing it directly (mainly because I want to extract money from
> them first, *rubs mercenarious hands*).
Wow, I'm surprised that nobody has mentioned this, but why can't you
just place the flash in a non-web directory and print it out through a
PHP script (to check permissions)?
I've never used PHP myself, but I believe you can use the header function:
header('Content-type: application/x-shockwave-flash');
Then just print the contents of the file.

Hope this helps,

More information about the thelist mailing list