Hello everyone!
The following message is a question I posted on the official flash forums from adobe already, but I thought it would be best to ask a PHP Programming Community aswell...so don't get confused when I'm addressing the flash-forums in this post. ;-)
We're having problems embedding Flash-files into our .php-files, so I thought the best place to ask for help would be the official Flash-forums :-) First of all, I'll let you know what exactly we're doing....
We have a few flash-files which you should only be allowed to view once you're logged in and authenticated to our "portal". You can only view those files over some sort of JavaScript-Popup-Flashplayer thing (personally not too much into JS). The JS-Player requires the flash-files to be available over an exisiting URL (such as http://page.domain/flash/file.swf) - And this is where the whole problem begins...
After hours of research and conversing with my collegues and the project-management, we decided to use the following technique to still keep those URLs for the JS-Player while preventing the user from simply accessing our "top secret flash movies" by typing in the URL in their browser...
We move the Flash-folder to a location outside of our document root -> Flash-files can't be randomly accessed or downloaded via the URL.
We use an Apache-plugin called "mod_rewrite" to rewrite/redirect URLs that look similar to http://page.domain/flash/*.swf to a PHP-file -> We can work with REQUEST_URI to see which flash-file the user wanted to view. Now, inside that PHP file we check wether the user is authenticated or not and either embed the flash-file into the PHP-file or redirect him to an error-page. In theory, the user could still view the flash-file over the URL (without even noticing PHP, since the URL stays http://page.domain/flash/file.swf, hence a perfect fake, no? ;-) ) and everything actually works exactly the way we wanted..........IN FIREFOX!
Now we went live with our application and we had to realise that one of the only things we haven't tested in other browsers (this being one of them) don't work the way we want and instead of viewing/playing the film, we get to see a white window in the JS-Player, while it's trying to download a file called "filename_swf" (underscore instead of dot?) when you access the movie over the URL (http://page.domain/flash/file.swf).
How we embed Flash into PHP:
Headers + outputting the flash-files content....
header('Content-Type: application/x-shockwave-flash');
header('Expires: Thu, 01 Jan 1970 00:00:00 GMT, -1');
header('Cache-Control: no-cache, no-store, must-revalidate');
header('Pragma: no-cache');
echo file_get_contents($request);
As I said, this works just fine in Firefox, however we're sure most of our users will be using IE, in which it doesn't work at all. I personally believe we're missing some sort of header or we have to set a different header depending on the browser...so I thought the best place to ask about Flash Headers would be the actual flash forums. Maybe I'm even totally wrong and missing out something crucial and someone can point me in the right direction...
Thanks!