On 19/03/2005, at 2:36 AM, Marek Kilimajer wrote:
Dan Rossi wrote:
On 19/03/2005, at 2:06 AM, php-list-replies@xxxxxxxxxxxxxxxxxxxxx wrote:
I think you misunderstood me or I wasnt clear, the links are coming from a syndicate site to the main site, so we check on that domain. I am looking at other options, maybe someway of trasparently logging in ?
You were not clear at all. What are you trying to do?
Hi there Marek, here is how the system currently works. Each feed afiliate has a special number, this is used for publishing points on the streaming server aswell as loading refering domains from the database. A link to the video feed player window will happen from their server only, therefore the referer check. What I was trying to say is, one of the customers picked up , that it was using referer checks aswell as a few other things, and worked out referer spoofing software will let you in still. We need to try and avoid this, as each customer's authentication is different we cannot have another login as its not in sync. So we may have to look at other options, possibly someway of transparently logging in I dont know.
If you need only hotlink protection then the current referer checking is just enough. Most users will not install referer spoofing software.
But if you need to be 100% sure the videos are streamed through affiliate server, you can use tokens - a script at the affiliate server will request a token from the streaming server (with username/password/clip id etc.). This token will be sent with the link to the streaming server. Hope this is clear.
-- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php