What I need: Script that allows only those subscribing to our service to be able to play a specific flv on their domain. The only way for them to access the flv file for their website is if I allow their domain (website) to access the file. They cannot use same "embed code" on multiple domains. Is this possible? How? Thanks in advance!
A reasonably safe method would be blocking referers that aren't in the allowed list: <?php $referers = array('alloweddomain1.com','alloweddomain2.com'); if(!empty($_SERVER['HTTP_REFERER'])) { $parts = parse_url($_SERVER['HTTP_REFERER']); $parts['host'] = str_replace('www.','',$parts['host']); if(in_array($parts['host'],$referers)) { } else { die('Not allowed!'); } } else { die('Not allowed!'); } ?> PHP: This makes it impossible to embed the video's directly .
Change $parts['host'] = str_replace('www.','',$parts['host']); to $parts['host'] = strtolower(str_replace('www.','',$parts['host'])); To allow capitalization variation. Also this method is easy to break with simple PHP. Peace,
Another way not mentioned is using Flash's allowDomain function, edit your flv player to only allow the domains that are registered. System.security.allowDomain("www.thesite.com"); System.security.allowDomain("www.anothersite.com"); Code (markup): Might be a bit simpler. . .