Commit 6dee48cc authored by Seblu's avatar Seblu

download is now by video id and not full path

right check is done before serve content
currently, only public video is downloadable
parent dd5b961b
......@@ -376,19 +376,6 @@ $str = '
echo $str;
}
?>
......@@ -110,7 +110,7 @@ function dispHomeLastVideos(){
// DISP LAST VIDEOS BY TENDU
$str .= dispWhenTendu($video["video_tendu"]);
$str .= '&nbsp;<li><a href="' . $video["video_path"] . ' " class="texte_link"' . '>'.$video["video_name"].'</a></td><td>';
$str .= '&nbsp;<li><a href="?video=' . $video["video_id"] . ' " class="texte_link"' . '>'.$video["video_name"].'</a></td><td>';
if ($video["video_path_daily"]) {
$str .= '&nbsp;&nbsp;&nbsp;';
......
......@@ -51,11 +51,8 @@ function dispVideosMenu(){
$str .= '<li><a href="index.php?section=Videos&year_page=2002" class="texte_link">2002</a></li>';
$str .= '<li><a href="index.php?section=Videos&year_page=2001" class="texte_link">2001</a></li>';
$str .= '<li><a href="index.php?section=Videos&year_page=2000" class="texte_link">avant</a></li>';
$str .= '<li><p>Pour visualiser nos videos: Click-droit, telecharger...</p>
<p>Nous vous conseillons le lecteur <a href="http://www.videolan.org/vlc" target="blank">VLC</a> disponible sous Windows/Mac/Linux.</p>
</li>';
$str .= '</ul>';
return ($str);
return $str;
}
......@@ -121,7 +118,7 @@ function dispVideosByType($result, $video_type) {
while ($video = mysql_fetch_array($result)) {
$str .= dispWhenTendu($video["video_tendu"]);
$str .= ' &nbsp;<a href="' . $video["video_path"] . ' " class="texte_link"' . '>'.$video["video_name"].'</a></td><td>';
$str .= ' &nbsp;<a href="?video=' . $video["video_id"] . ' " class="texte_link"' . '>'.$video["video_name"].'</a></td><td>';
if ($video["video_path_daily"])
$str .= '<a href=?dailymotion='.$video["video_id"].' onclick="return popitup(this, \'EPTV\')" ><img src=\'../images/daily.png\' height=15 border=0></a>';
......@@ -146,4 +143,39 @@ function dispVideosByType($result, $video_type) {
}
// download a video by it's video identifier
function getVideo() {
// get video info
$result = getOneVideo($_GET['video']);
if (mysql_num_rows($result)) {
$video = mysql_fetch_array($result);
// check video and user right
if ($video["video_tendu"] > 0) {
header("Status: 403 Forbidden");
die("Permission refus&eacute;e.");
}
// check file existance and download
if (file_exists($video["video_path"])) {
header('Content-Description: Video Transfer;');
header('Content-Disposition: attachment; filename="'.basename($video["video_path"]).'";');
header('Content-Type: application/octet-stream;');
header('Content-Transfer-Encoding: binary;');
header('Content-Length: ' . filesize($video["video_path"]).';');
flush();
readfile($video["video_path"]);
}
else {
header("Status: 404 Not Found");
die("Le fichier video n'est pas disponible. Contactez le webmaster!!");
}
}
else {
header("Status: 404 Not Found");
die("La vid&eacute;o que vous demandez n'existe pas!");
}
}
?>
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment