Hi!
I have this php script that lets the visitors listen to several real media (.rm) files. Right now when they click on a song a pop-up window opens up with an embeded real player plugin and i have disabled right click so they cannot look at the address for the (.ram) file. This method stops all the novice users from getting the (.rm) files but more experienced visitors can download the files with little effort.
I wrote the code below to hide the address for the (.rm) files so noone can download the file. The code checks to see if it finds the string "real" in the http_user_agent variable. If it does then the user is opening the file with real player. If it cant find "real" in the user_agent variable than it means that the user is trying to download the file with a regular browser or any other download utility. In this case do not output the song address.
//////////here is the code
<?php
if ( eregi ("real" , $HTTP_USER_AGENT ) ) {
Header("Content-type: audio/x-pn-realaudio");
Header("Location: http://www.website.com/song.rm");
}
else
echo "This is the wrong application to play this file with";
echo $HTTP_USER_AGENT;
?>
////////////////////end code
My question is how secure is the real media file? It seems to me that the only way they can download the file to their computer is by changing the http_user_agent string of their browsers or if they use an application that contains the word "real" in them. The chances of both these things happening are very small.
Is there any other way they can download the file?
Can i search for something else to make sure that the visitor is using real player and not some other application? Is "real" compatible with all versions of real player, real one, etc.?
This is more of a real networks customer support question but knowing how "fast" they answer i would rather post it here.
I appreciate your help.
ed
edspace@comcast.net
