Php photo gallery TWG | JFUploader | TWG Flash upload | WFU | Forum

Get help for TinyWebGallery, the best image gallery. The forum is also home for the Joomla JFUploader, TWG Flash Uploader and the Wordpress flash uploader.
It is currently 15. Dec 2017, 08:36

All times are UTC + 1 hour [ DST ]




Post new topic Reply to topic  [ 4 posts ] 
Author Message
PostPosted: 22. Nov 2014, 05:14 
Offline

Joined: 27. Aug 2014, 18:57
Posts: 4
Hello,

I was trying to use the new HTML5 video option introduced in 2.2 and I finally got it to work when I realized that I needed to grant access to the directory that contained the video (i.e.: not have it be restricted). My setup is simple:
- I have a pictures/ directory where I store all the pictures and videos
- I usually have a .htaccess in that directory that denies access to everyone
- this works because I use the non-direct path to access pictures (it loads via image.php)

My question is: is there a similar mechanism for videos. Currently, it seems to directly load from the pictures/ directory. Basically, I would like to protect the videos just like I protect pictures.

Thanks,
Romain


Top
 Profile  
 
PostPosted: 22. Nov 2014, 10:46 
Offline
Site Admin
User avatar

Joined: 1. Aug 2005, 12:53
Posts: 10573
No, There is no redirections through php for videos.

I'm also not sure what kind of protection this should be? Because anyone can easily get the video through the php files as well.
For images this is different as normally the originals are protected and only the smaller web images are shown.

Best, Michael


Top
 Profile  
 
PostPosted: 23. Nov 2014, 02:41 
Offline

Joined: 27. Aug 2014, 18:57
Posts: 4
Hello,

OK, thanks for the answer. For the reason for the protection, right now, if someone knows the path of the video on the server, they can directly access it without having to login or anything. For the pictures, currently, the originals are protected (and you go through the PHP file which, I assume, checks session credentials). The smaller "cached" versions are indeed visible (although adding a .htaccess there only slows things down but does not break anything) but the names are at least hashed making it a little harder to get to.

Basically, I wanted something that would check for proper credentials before serving the file (using the .htprivate files for example). Does that make sense?

Thanks,
Romain


Top
 Profile  
 
PostPosted: 24. Nov 2014, 10:43 
Offline
Site Admin
User avatar

Joined: 1. Aug 2005, 12:53
Posts: 10573
Sure it makes sense. There has to be an additional php file which does the credential check and the streaming of the php file.
So feel free to extend this.

Best, Michael


Top
 Profile  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 4 posts ] 

All times are UTC + 1 hour [ DST ]


Who is online

Users browsing this forum: No registered users and 3 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
cron
Powered by phpBB® Forum Software © phpBB Group

phpBB SEO