Skip to main content
K
kaka2kool
Inspiring
October 16, 2010
Question

php Authentication script?

  • October 16, 2010
  • 1 reply
  • 992 views

Hi,

I used to run stream via icecast streaming server which had php authentication capabilities.

My question is, is it possible to do the same with FMS? Put this sort of code in main.asc to verify a viewers credential before allowing him to watch. At the moment the domain/swf restrictions work well but this could add a little more security into the mix?

Something like this to determine whether a user has an active subscription to watch a certain video

<?php

function MySQLConnect( )

{

$db_host="localhost";

$db_username="xyz";

$db_password="xyz";

$db_name="xyz";

$connection= mysql_connect( $db_host, $db_username, $db_password );

if (!$connection)

        { return "FAILED"; }

mysql_select_db( $db_name, $connection ) or die ("FAILED");

return $connection;

}

function basic_icecast_check_user_allowed ( $username , $password  )

{

$allow_user_auth_query = "

select

xyz_members.login,

xyz_members.pass

from

xyzr_members,xyz_payments

where

xyz_payments.member_id=xyz_members.member_id and

xyz_members.status=1 and

xyz_payments.expire_date>NOW() and

xyz_members.login='$username' and

xyz_members.pass='$password'

limit 1                        "

$find_allowed = mysql_query ( $allow_user_auth_query );

$auth_stream_count = mysql_num_rows ( $find_allowed );

if ( $auth_stream_count==0 )

        { return array(0,"User Invalid",0); }

$test_allowed = mysql_fetch_assoc( $find_allowed );

if ( $auth_stream_count==1 )

{

return array(1,"Found",0 );

}

return array(0,"Password Invalid",0);

}

?>

    This topic has been closed for replies.

    1 reply

    A
    Anonymous
    October 16, 2010

    Hi,

    Although you can work around to obtain this sort of functionality in main.asc using Server side Actionscript, a good way to achieve this will be to use an access or an authorization plugin for this. These plugins are written in C++ and here you can write code to authenticate clients when it requests a connect to server or when it requests a play. For more on plugins see http://help.adobe.com/en_US/FlashMediaServer/3.5_Plugin/WS5b3ccc516d4fbf351e63e3d11a0d662434-7ff6.html . Revert back in case you need any more info on this.

    Thanks,

    Abhishek

    K
    kaka2koolAuthor
    Inspiring
    October 16, 2010

    Hi,

    Thanks for the reply. I'm haven't a clue about programming or writing codes etc. Can you a little bit? Can you write an example code which I can put into main.asc to get me started?

    Thanks

    A
    Anonymous
    October 27, 2010

    Hi,

    Apologies for the late reply. What you will need to do if you want to implement it in main.asc, is to make a call to your PHP script responsible for authentication and send it the credentials as post method. The PHP script like one you have written should accept this POST data and then authenticate the client from Database.

    It would be something like this:

    application.onConnect = function(client,username,password)  {

      

         ///Use the loadvars class to send username and password to PHP script

          

    }

    Now it should be the responsibility of your client side swf to send username and password to FMS.

    Also here is a good example of how to use loadvars class to interact with PHP http://flash-creations.com/notes/servercomm_database.php. Using this example in similar way you can continue to use your PHP script to authenticate the client which you need to call with client data.

    However, just wanted to point out that in case if you are looking for more control over your streams in terms of who sees it. You may consider using FMS with Flash Access which gives you more control in terms of which stream can be viewed by everyone and which streams require authentication. It has options of implementing a MySQL database in the backend to authenticate clients, also it provides encryption schemes for you to use. See more about it here http://www.adobe.com/products/flashaccess/

    Thanks,

    Abhishek

    Terms & ConditionsAccessibility statement
    Using the community Terms of use Privacy Cookie preferences Do not sell or share my personal information ad choicesAdChoices