How to protect a php script that sends variables to itself


 





Below is the curl'd output of the PHP script:
 curl -l -i "http://www.myserver/scripts/makeMoviePlaylist.php"

Content-Length: 263
Content-Type: video/quicktime

<?xml version="1.0"?>
<?quicktime type="application/x-quicktime-media-link"?>
<embed
autoplay="true"
cache="true"
kioskmode="true"
quitwhendone="true"
movieid="9d867c3b4ac7d04cb3b7bf6d99b5992b"
moviename="Commercial Reel 2005"
src="makeMoviePlaylist.php?cmd=makesmil"/>
/*
}

Problem:
If a user does this:
curl -l -i "http://www.myserver/scripts/makeMoviePlaylist.php?cmd=makesmil"

then, using the output of that curl command, entering the URL below into a browser will get the movie:
http://www.myserver/scripts/makeMoviePlaylist.php?cmd=getmovie&path=wb1v2x9hApqFwTHhG5tSJlVp9bGi8glguo+gC565a5o=
In other words, every URL the player is handed is also visible to, and can be replayed by, anyone who requests the playlist by hand.


Is it possible to prevent this? Or is there a better approach?
This stuff is making my head spin a bit...
I am learning aspects of security, so any help is appreciated.

many thanks:)
g



This is the output from:
curl -l -i "http://www.myserver/scripts/makeMoviePlaylist.php?cmd=makesmil"

ETag: 253bd3c0260c47ad994857992e073682
Accept-Ranges: bytes
Content-Length: 5132
Content-Type: application/smil

<smil xmlns:qt="http://www.apple.com/quicktime/resources/smilextensions";
qt:time-slider="true"
qt:chapter-mode="clip"
qt:immediate-instantiation="false"
qt:autoplay="true">
<head>
<meta name="base" content="http://www.myserver/scripts/"; />
   <meta name="full-name" content="Commercial Reel 2005"/>
    <meta name="name" content="Commercial Reel 2005"/>
    <meta name="copyright" content="2005"/>
    <meta name="author" content="Graham Anderson"/>
<layout>
<root-layout id="main" title="Commercial Reel 2005" left="0" top ="0" width="352" height="208" background-color="black"/> <region id="firsttrack" z-index="1" left="0" top ="0" width = "352" height = "208" background-color="black" qt:attach-timebase="true" qt:immediate-instantiation="false" qt:autoplay="true" qt:time-slider="true" qt:chapter-mode="clip" />

<region id="siren" z-index="1" left="0" top ="0" width="352" height="208" fit ="fill" background-color="black" qt:time-slider="true" qt:attach-timebase="true" qt:autoplay="true" qt:chapter-mode="clip"
qt:immediate-instantiation="false" />

<region id="drm" z-index="3" left="0" top ="0" width = "352" height = "208" background-color="black" qt:attach-timebase="false" qt:immediate-instantiation="false" qt:autoplay="false" qt:time-slider="false"/>
</layout>
</head>
<body>
<switch>
<par system-bitrate="768000">
<!--for T1 and faster-->
<video src="makeMoviePlaylist.php? cmd=getmovie&path=zSbG5zDpCJiqc2mbIunOjkw35wn2Q+saBlJZbaXmYUI=" region="drm" duration="indefinite"/>
<seq>
<video src="makeMoviePlaylist.php? cmd=getmovie&path=wb1v2x9hApqFwTHhG5tSJlVp9bGi8glguo+gC565a5o=" region="firsttrack" qt:chapter="levis: crazy legs"/> <video src="makeMoviePlaylist.php? cmd=getmovie&path=wHvUoTrGxSW7C8uHjo7hHWLh9hJdvL0hVNx9hoUX3zM=" region="siren" qt:chapter="adidas: the game"/> <video src="makeMoviePlaylist.php? cmd=getmovie&path=pGUsQZ5nfQtuysSgiTdHyvHdoY1hyA+rio/tbM9sSsA=" region="siren" qt:chapter="boeing: freedom"/> <video src="makeMoviePlaylist.php? cmd=getmovie&path=saCzqVi4h08ikgSBUcLjUjwHxzh9DL5Wib0d0dKi3mo=" region="siren" qt:chapter="yamaha: mama said"/> <video src="makeMoviePlaylist.php? cmd=getmovie&path=MqOqXo89l9O012WsrvZIVHLKfZx6mo4fqCcez2GvKlA=" region="siren" qt:chapter="gmc: sliding roof"/> <video src="makeMoviePlaylist.php? cmd=getmovie&path=2j53xedyHmUM2uSxWlxg2LqDDk+b7/kkIDKigEdYdp0=" region="siren" qt:chapter="nokia: color adjustment"/> <video src="makeMoviePlaylist.php? cmd=getmovie&path=Um2ysEtdgslrEyYZNaPU/KJD6MfTSKXH/HRRqOwj5ug=" region="siren" qt:chapter="bmw: drive"/> <video src="makeMoviePlaylist.php? cmd=getmovie&path=gPx1sdVxgYRgjCmX0V6WDVqPG/crkySweYrY/tXkrU0=" region="siren" qt:chapter="guinness: taste"/> <video src="makeMoviePlaylist.php? cmd=getmovie&path=MajLzma9FRxXFuxYS9YwCuJtxCRIpkaMNDx3CMrXgyA=" region="siren" qt:chapter="apple: ellen feiss"/> <video src="makeMoviePlaylist.php?cmd=getmovie&path=LU/xHFq/ 8jHGfn2gWDPDycW9CaQW55gjzP4sTXvwrAg=" region="siren" qt:chapter="playstation: joan"/> <video src="makeMoviePlaylist.php? cmd=getmovie&path=ZmT4A6kfPIg7tFc6zUVYRznT89czwdXA9hjgn3Erehg=" region="siren" qt:chapter="pentax: hey"/> <video src="makeMoviePlaylist.php?cmd=getmovie&path=iUMIIycwZ0QzJVUtUI +N3glwgfAXPTgFq+mbmXS5vOo=" region="siren" qt:chapter="nike: dreams"/>

</seq>
</par>

<par system-bitrate="512000">
<!--56k modems-->
<video src="makeMoviePlaylist.php? cmd=getmovie&path=zSbG5zDpCJiqc2mbIunOjkw35wn2Q+saBlJZbaXmYUI=" region="drm" duration="indefinite"/>
<seq>
<video src="makeMoviePlaylist.php?cmd=getmovie&path=5qRrKwWbemaOh5+ +SOgv5SRshkpGTuvW5cIyRN9EWQM=" region="firsttrack" qt:chapter="levis: crazy legs"/> <video src="makeMoviePlaylist.php?cmd=getmovie&path=FzWapZbGt1YkCGKiB +fmlGftup5K8nYl6yVUTG+l+7c=" region="siren" qt:chapter="adidas: the game"/> <video src="makeMoviePlaylist.php? cmd=getmovie&path=Q3gUP0pHVYYjsmCUn2PqMPTOwsqH/x4TbPJbwmEm9yc=" region="siren" qt:chapter="boeing: freedom"/> <video src="makeMoviePlaylist.php? cmd=getmovie&path=4OQkZQNgbKWnJcZKA0Dwu9blaufGr9nrMemtfykVNK8=" region="siren" qt:chapter="yamaha: mama said"/> <video src="makeMoviePlaylist.php? cmd=getmovie&path=SjXVxuW7miYu0djHcpXX2xSk/hpoxPnCmFhoiGJ2Zlc=" region="siren" qt:chapter="gmc: sliding roof"/> <video src="makeMoviePlaylist.php? cmd=getmovie&path=X3LbGKCtMcK5q3uhQpzEy4YNNaRwezXqS8qHx/KXC64=" region="siren" qt:chapter="nokia: color adjustment"/> <video src="makeMoviePlaylist.php? cmd=getmovie&path=EPCybK7ipcFMAhj7Lkejc+OWulQVwNDZlLA8sFDRFt0=" region="siren" qt:chapter="bmw: drive"/> <video src="makeMoviePlaylist.php?cmd=getmovie&path=R9 +mtBsHiUiPvn5hw8PbcTVu9Zy5I7BnhPIeiT2wGPA=" region="siren" qt:chapter="guinness: taste"/> <video src="makeMoviePlaylist.php?cmd=getmovie&path=N/bnlupKzblackF +x4ZDedx8LyOn62vjGvI8uMBR648=" region="siren" qt:chapter="apple: ellen feiss"/> <video src="makeMoviePlaylist.php?cmd=getmovie&path=gy8lEzyB +hbyfZqgTEC/hwjJCuBSZObz2k1lkzl2x38=" region="siren" qt:chapter="playstation: joan"/> <video src="makeMoviePlaylist.php?cmd=getmovie&path=mnI7NPIv +UUdj9bjBXskipg40IBLjRdeDYDRepdMiBQ=" region="siren" qt:chapter="pentax: hey"/> <video src="makeMoviePlaylist.php?cmd=getmovie&path=c9crwb4Ss +xcups9lnvEg+TVX5Duf6+3jPNq3vciSnU=" region="siren" qt:chapter="nike: dreams"/>

</seq>
</par>
</switch>
</body>
</smil>
