thanks, Richard :)
The simplest solution is usually the best
As you suggested, I used php to created a 'log in' movie which upon
authentication loads the playlist of movies
Also, as you suggested, I think I'll create a session id with a
master password, can see everything, and a 'movie specific' password
head spinning slowing.....
g
On Oct 24, 2005, at 7:20 PM, Richard Lynch wrote:
The script , makeMoviePlaylist.php, is calling itself on the server
with
makeMoviePlaylist.php?cmd=getmovie&path=encrypted_path_to_the_movie
The script, makeMoviePlaylist.php, accepts the request because it
originated from ITSELF on the server...
How do you *KNOW* it originated from ITSELF?
Can't I just fake it out by copying the URL you are using?
This request was sent from OUTSIDE the server. The main script,
makeMoviePlaylist.php, realizes the this request did not originate
from itself on the server
Again, how you do *KNOW* that to be true?
What's the big picture again?
They need to login to see the movies, right?
Or is it something else?
If just need login, use http://php.net/session_start and friends as I
just posted.
If it's something else, session_start() may not help.
--
Like Music?
http://l-i-e.com/artists.htm
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
