Preventing mp3 downloads

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
bhuether
Forum Newbie
Posts: 3
Joined: Sat Dec 02, 2006 5:07 pm

Preventing mp3 downloads

Post by bhuether »

feyd | Please use

Code: Select all

,

Code: Select all

and [syntax="..."] tags where appropriate when posting code. Your post has been edited to reflect how we'd like it posted. Please read:  [url=http://forums.devnetwork.net/viewtopic.php?t=21171]Posting Code in the Forums[/url] to learn how to do it too.[/color]


Man, I have learned a lot today. I have gone through so much effort to try 
and prevent people from saving files. I have mp3 files that I want 
people to listen to but I don't want them to save the file. So I went 
through all the pain of implementing a script.

It is PHP, but I imagine other languages would be similar:

Code: Select all

function serveaudio($file) {

$link = "audio/" . $file;

$handle = fopen($link, 'rb');
header('HTTP/1.1 200 OK');
header('Date: ' . date("D M j G:i:s T Y"));
header('Last-Modified: ' . date("D M j G:i:s T Y"));
header("Content-Type: audio/mp3");
header("Cache-Control: no-store, no-cache, must-revalidate");
header("Pragma: no-cache");
header("Cache-Control: post-check=0, pre-check=0", false);
header("Content-Length: " . (string)(filesize($link)) );
header("Content-Transfer-Encoding: Binary");
header('Content-Disposition: filename="$name"');
readfile($link);
}
I used htaccess to limit direct access to the files. But I noticed that as
the file plays in Media Player, you can just choose Save As! So is there
truly no way to prevent someone from saving an audio file? That doesn't seem
possible...

thanks,

brian




feyd | Please use

Code: Select all

,

Code: Select all

and [syntax="..."] tags where appropriate when posting code. Your post has been edited to reflect how we'd like it posted. Please read:  [url=http://forums.devnetwork.net/viewtopic.php?t=21171]Posting Code in the Forums[/url] to learn how to do it too.[/color]

[quote="[url=http://forums.devnetwork.net/viewtopic.php?t=30037]Forum Rules[/url] Section 1.1"][b]1.[/b] Select the correct board for your query. Take some time to read the guidelines in the sticky topic.[/quote]
User avatar
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

You can't stop someone from being able to save an MP3 stream.
bhuether
Forum Newbie
Posts: 3
Joined: Sat Dec 02, 2006 5:07 pm

Post by bhuether »

In that case I would at least like to prevent them from right clicking and choosing Save As to save the file. Through .htaccess I can prevent people from doing this. But I also want people to be able to play audio files. Here is my folder structure

public_html
audio
.htaccess

So a link like mysite/audio/file.mp3 would cause a 403 error if the person clicked and would also prevent them from right clicking to save. So what I did was redid my audio links to be like

mysite.com/file.mp3

Now, the audio files don't exist there of course. But using rewrite rules, they get rewritten to

mysite.com/audio.php?op=serveaudio&file=file.mp3

And then the script I posted earlier goes to work. But in a total twist of events, when a user right clicks on a link like

mysite.com/file.mp3

they can indeed save it! Seems like I can't win no matter what. I would at least like to force people to save from their media player instead of being able to simply right click...

Any ideas? Is this beyond the scope of PHP? Is this an apache thing?

thanks,

brian
User avatar
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

Sorry, that won't be possible either.
bhuether
Forum Newbie
Posts: 3
Joined: Sat Dec 02, 2006 5:07 pm

Post by bhuether »

I was just thinking - are you sure there isn't a way to use server variables to tell if a person hit save as vs if they clicked the link directly? That way, in the audio.php script, I could call the serveaudio function only if they clicked the link. Incidentally, how is it that selecting save as on the urls that get rewritten allows the file to actually be saved? I have even experimented on folders that are outside the webroot. When they choose save as, does that essentially result in serveaudio being called and does the readfile() call allow the saving of the file?

thanks,

brian
User avatar
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

So long as the script responds to the url, it can be saved. You cannot detect if it's being saved versus just listened to. Technically, they are the same operation, and that is why you cannot detect it.
Post Reply