This file takes password input.
<html>
<form action="playvideo.php" method="post">
<input type="text" name="password"/>
<input type="submit">
</html>
This file plays the video
<?php
if(isset($_POST["password"])){
$password=$_POST["password"];
}
else{
$password="";
}
if($password!="pass"){
echo "unauthorised";
}
else{
$local_file = 'video.mp4';
$size = filesize($local_file);
header("Content-Type: video/mp4");
header("Content-Length: ".$size);
readfile($local_file);
}
?>
Also the code works fine if I do not wrap it inside an if statement.
little changes needed....
you may try like
<?php
if((isset($_POST["password"])) && (!empty($_POST['password']))) {
$password=$_POST["password"]; //recommended to sanitize this input value
if($password!="pass"){
echo "unauthorised";
}else{
$local_file = 'video.mp4';
$size = filesize($local_file);
header("Content-Type: video/mp4");
header("Content-Length: ".$size);
readfile($local_file);
}
}else{
echo 'password is not provided';
}
?>
password.html
<html>
<form action="playvideo.php" method="post">
<input type="text" name="password"/>
<input type="submit">
</html>
playvideo.php
<?php
$password = ($_SERVER['REQUEST_METHOD'] === 'POST' AND isset($_POST['password'])) ? $_POST['password'] : '';
if( $password !== 'pass')
{
echo 'unauthorized';
// stop execution
exit;
}
// Now only for authorized users
$local_file = 'video.mp4';
$size = filesize($local_file);
header("Content-Type: video/mp4");
header("Content-Length: ".$size);
readfile($local_file);
exit;
playvideo.php
<?php
session_start();
$hiddenPassword = 'pass';
if($_SERVER['REQUEST_METHOD'] === 'POST')
{
if(isset($_POST['password']) AND $_POST['password'] === $hiddenPassword)
{
$_SESSION['authorized'] = TRUE;
}
}
if(isset($_SESSION['authorized']) AND $_SESSION['authorized'])
{
$local_file = 'video.mp4';
$size = filesize($local_file);
header("Content-Type: video/mp4");
header("Content-Length: ".$size);
readfile($local_file);
exit;
}
else
{
echo 'Not authorized';
exit;
}
playvideo.php
<?php
$hiddenPassword = 'pass';
if($_SERVER['REQUEST_METHOD'] === 'POST')
{
if(isset($_POST['password']) AND $_POST['password'] === $hiddenPassword)
{
header('Location: playvideo.php?pass=' . hash('sha512', $hiddenPassword));
exit;
}
}
else if(isset($_GET['pass']) AND $_GET['pass'] == hash('sha512', $hiddenPassword))
{
$local_file = 'video.mp4';
$size = filesize($local_file);
header("Content-Type: video/mp4");
header("Content-Length: ".$size);
readfile($local_file);
exit;
}
else
{
die('Not authorized :(');
}
<?php
if ((isset($_POST["password"])) && (!empty($_POST['password']))) {
$password = trim($_POST["password"]);
if ($password != "pass") {
echo "Unauthorised";
} else {
?>
<video width="320" height="240" controls autoplay> <!--Video tag introduced in HTML5-->
<source src="video.mp4" type="video/mp4">
Sorry, your browser doesn't support the video element.
</video>
<?php
}
} else {
echo 'Password is not provided';
}
?>