HomePHP Page 2 - Video Streaming PHP Script Tutorial
Design of the Application - PHP
One of the most important features in a website is the ability to show videos to your visitors. There are a lot of video hosting solutions nowadays, with YouTube as the most popular. However, due to its popularity, there are lots of services -- even free services -- that let viewers download your video files after you've uploaded them to YouTube. If you need to restrict downloading of your files, keep reading.
The way basic HTML web tutorials teach us to embed videos is VERY basic and does not protect your content. The techniques taught pose a lot of risks for having your protected content easily snatched. (If you do NOT care that your video gets downloaded without your permission, then this tutorial is not for you).
If you use that method of embedding videos, then any user can view the source code of your web page (using a browser) and look for the video path URL designated by SRC. One thing is obvious; you are placing videos in the “yourvideofolder” directory. The worst will happen if you allowed “directory listing” in your website. This means all of your precious videos can be seen in a single glance, for example below:
What if you disable directory listing using .htaccess? It is still obvious; hackers will only make a slight guess at your file names, and can do so by examining your naming conventions and content (even determined ordinary web surfers can do this). If you make nonsense filenames, it might work, but a lot of determined infringers will query your folder path for nonsense reasons, which consumes a lot of server bandwidth.
The best way is to NOT provide them a clue as to where you have saved your videos in the server. The moment they view the source code and see a PHP file in your SRC tag instead of .mpg, most of them will turn back, but again, this is not a perfect solution.
You can use the PHP language and MySQL to do this; your goal is to transform the real path URL, say http://www.yourwebsite.com/video/cute.mpg, into http://www.yourwebsite.com/phpvideostreaming.php?ID=34fdgf56ghghg5656534
The PHP file effectively obfuscates the real path of your video URL. However, the real URL path will be stored in the MySQL database. How will PHP fetch the correct real URL path for a specific request? The answer is, by using an “ID” system.
The ID (in my example, it uses 20 alphanumeric characters) is unique and corresponds to a certain URL saved in the MySQL database. You can use this tool to generate characters. Remember to uncheck “include symbols in password.” For an example of an ID and Real URL path MySQL table (rough design, actual MySQL table screenshot in the next section), look at this:
PHP will query the MySQL database using the ID to get the equivalent real URL path to stream. This will be discussed in detail later.