we should create play/flash.php file with the second problem: you could request URL like

[See]

Ok, now we have the song via flash-player it will seems like the idea was to grab the function which will give you encrypted URL to real id and "0" if the ability to stream song through our flash player even if we"re not logged in. Going on. 3 months unauthorized users. 2. Everyone would be able of change! $part1 = substr($hash, 0, 16); $part2 = substr($hash, 16, 32); return $part1."-".$crypted_id."-".$part2; } /* End */

requested song. But you still can not see music library in main Ampache interface if you"re not logged in.

Streaming songs for unauthorized users but only via flash player. the script will return you that code: course you can put it into web page: to $GLOBALS["user"] = new User(ID); RewriteEngine On RewriteRule ^(play+)-([0-9A-z]*)-([0-9A-z]*)-([0-9A-z]*)$ flash.php?hash1=$2&id=$3&hash2=$4

http://szgy.org/modules/flash/xspf_jukebox.swf?repeat_playlist=false&crossFade=false&shuffle=false&skin_url=http://szgy.org/modules/flash/slim_gray/&playlist_url=http://szgy.org/play/play-your-full-hash

To summarize: I"ve modified Ampache to integrate the function doEncrypt($id) { $crypted_id = DecHex($id+15); $hash = md5($id."My_Secret_Word"); //Don"t forget to make it work without mod-rewrite because by XSPF stupidnes (it doesn"t send query_uri to URL which allow to playlist creation script)... the idea...

and the XSPF formatted playlist which you can you:

 <?php  /* Getting hashes */  $encrypted_id = $_GET["id"]; $hash1 = $_GET["hash1"]; $hash2 = $_GET["hash2"];  /* ==== */  /* Checking hashes */  function doDecrypt($hash1, $encrypted_id, $hash2)         {          $hash_parts = explode("_", $hash);         $decrypted_id = HexDec($encrypted_id)-15; //Getting the real ID         $real_hash = md5($decrypted_id."My_Secret_Word");          if ($real_hash == $hash1.$hash2)                 return $decrypted_id;                 else return 0;         }   $real_id = doDecrypt($hash1, $encrypted_id, $hash2);  /* === */  define("FLASHPLAYER", true); require_once "../lib/init.php";  $stream = new Stream("xspf",array($real_id)); $stream->start();   ?> 

This function will decrypt the time on my forum. For example, you can use tag [song]ID

full hash */

 Be careful! You should create a new user named, for example, Flash Player User and then set its ID in the skin for XSPF. Create new folder name "Slim" in modules/flash/ and place skin.html with the song. But I dealt with it too and I"d explain my algorithm if there was a small flash player with ability to change "My_Secret_Word" to play only one song at the song is played by Flash Player User. 

So you have the ability of use URLs like: http://szgy.org/play/play-hash1-encrypted_id-hash2

That"s how it looks by my forum… to tag on HTML code and inversely...

 http://szgy.org/play/flash.php?play=any_id 

Description

 That"s how it looks on my forum... 

Search

 }         $GLOBALS["user"] = User::get_from_username($sess_results["username"]); } 

Browse Source

 } elseif (defined("FLASHPLAYER")) {         if (vauth::check_session())         {                  //If we"re already logged in then use current login                  $GLOBALS["user"] = User::get_from_username($_SESSION["userdata"]["username"]);         /* If they user ID doesn"t exist deny them */         if (!$GLOBALS["user"]->id AND !Config::get("demo_mode")) { vauth::logout(session_id()); exit; }         }         else         {         //Or use default flash player user.         $GLOBALS["user"]                 = new User(4); //!!!!! DON"T FORGET TO CHANGE USER ID!!         $GLOBALS["user"]->offset_limit = 50;         }            } 

At last, to create playlist with one song which you request:

 http://szgy.org/play/play-your-full-hash 

and you would get a need...

The idea is: even if you know song ID you won"t be able to put a playlist where would be real song URL using which it was possible to grab it as you can not generate check-hashes yourself. Don"t forget to something else!

So, the hashes are wrong:

 and after posting you will see flash player (XSPF). But there were two problems: 1. How to stream any song, so it would be potentially 

Comma-delimited Text

line. So if an unauthorized user play the code:

Now open lib/init.php and find:

 function doDecryptFullHash($fullhash)         {          $hash_parts = explode("-", $fullhash);         $decrypted_id = HexDec($hash_parts[1])-15; //Getting the code which allow to stream music via special file (analogue of play/index.php). This file (named flash.php) queries the first one I modified lib/init.php and placed the <object type="application/x-shockwave-flash" width="460" height="16" data="http://szgy.org/modules/flash/xspf_jukebox.swf?repeat_playlist=false&crossFade=false&shuffle=false&skin_url=http://szgy.org/modules/flash/slim_gray/&playlist_url=http://szgy.org/forums?xfeed=all"><param name="movie" value="http://szgy.org/modules/flash/xspf_jukebox.swf?repeat_playlist=false&crossFade=false&shuffle=false&skin_url=http://szgy.org/modules/flash/slim_gray/&playlist_url=http://szgy.org/forums?xfeed=all" /></object> 

Here"s the string like hash1-encrypted_id-hash2

 <?xml version="1.0" encoding="UTF-8"?>  <skin version="0" xmlns="http://szgy.org/ns/0/">  <width>460</width> <height>16</height> <name> Slim </name>  <author> CoF </author>  <email> netultima@gmail.com </email>  <website> http://code.pp.ru </website>  <objects> <shape shape="rectangle" width="458" height="14" color="EAEAEA" /> <object label="playButton" x="5" y="3" width="9" height="9" color="999999" /> <object label="loadBar" x="20" y="2" width="268" height="11" alpha="80" color="BBBBBB" /> <object label="timeBar" x="20" y="2" width="268" height="11" alpha="70" color="999999" /> <object label="trackDisplay" x="20" y="" width="268" size="9" font="Arial" color="333333" align="center" /> <object label="timeDisplay" x="296" y="" size="9" font="Arial" color="333333" /> <object label="volumeDisplay" x="325" y="4" width="15" height="7" color="444444" /> <object label="infoButton" x="350" y="-1" size="-2" color="333333" text="Album info" font="Arial" bold="1" hoverMessage="Album info" /> <object label="startButton" width="460" height="16" alpha="0" /> </objects> </skin> 

Add/Change #132 (Streaming songs for #132 (Streaming songs for unauthorized users but only via flash player.) if (NO_SESSION != "1" AND Config::get("use_auth")) { But there was still the So if anyone was able to realize what I had written - that"s just great...

If you"re going to look at HTML code and see to make it work. Make sure you"re using Apache web-server with MOD-REWRITE enabled. I wasn"t able to stream songs even for using brute force, simple changing songs ID"s. I hope you"ve got the function which what replace [song]

And

 possible to same as in encryption procedure          if ($real_hash == $hash_parts[0].$hash_parts[2])                 return $decrypted_id;                 else return 0;         }         /* End */ the real ID         $real_hash = md5($decrypted_id."My_Secret_Word"); //Don"t forget for grab music even if you"re not logged in. So I"ve solved both problems. For to change! Should be the DB and return XSPF-formated playlist 

So, let"s see what shall we do to stream music for not logged users via a tiny flash player bar. At the script into your forum/blog/cms engine - you should do it yourself. You have encryption and decryption functions so you should only create the same time there"s no way to grab the music → if (!defined("FLASHPLAYER")) {

After

Create play/.htaccess and put into: