-1

I have audio located at /home/user/audio. I know it is impossible to prevent downloads, but I just want to make it tough for most. I followed this post: setting-up-apache-to-serve-php-when-an-mp3-file-is-requested

But people can still readily download the mp3 by selecting "Save Audio As" when right clicking the audio element.

Here is the code on the page where audio is linked:

$link="http://www.example.com/getaudio.php?name=$filename";
echo  '<audio src="'.$link.'"' . ' autoplay controls>';

And here is the getaudio.php

$name=$_GET['name'];
$filename="/home/user/audio/".$name.".mp3";
if (file_exists($filename)) {
    header("Content-Type: audio/mpeg");
    header('Content-Length: ' . filesize($filename));
    header('Content-Disposition: inline; filename="blah.mp3"');
    header('X-Pad: avoid browser bug');
    header('Cache-Control: no-cache');
    readfile($filename);
    exit;
} else {
    header($_SERVER['SERVER_PROTOCOL'].' 404 Not Found', true, 404);
    echo "no file";
}

Any idea why despite above, one can so easily download the mp3? In the linked example, I don't see anything obvious that I am missing, but I must be missing something obvious!

Edit: My post is different from the one mentioned, as I was trying to avoid a javascript approach, and instead use php, and disable the "save audio as" menu item. In the end though, I ended up using a single js line to disable the "save audio as" menu item as the audio element itself does not allow for that.

Thanks

Community
  • 1
  • 1
Brian Huether
  • 179
  • 7
  • I would say don't bother. Even youtube can have it's stuff downloaded. Have a nice collection actually – Drew Aug 30 '15 at 16:16
  • I am tempted to just not bother... But maybe in the php file I can check the referer? I want to at least make people use a 3rd party plugin to grab the audio versus giving them an easy "save as" link... – Brian Huether Aug 30 '15 at 16:19
  • 1
    possible duplicate of [Audio tag security in html5](http://stackoverflow.com/questions/15350723/audio-tag-security-in-html5) – Maverick Aug 30 '15 at 16:24

2 Answers2

0

May sound opposite of solution but answer is mostly on client side. I would break the audio in multiple parts. Then play it one by one. It is difficult for most people to combine multiple video files.

Here is how your client side will manage multi-part audio: Load the 1st part of audio and start playing. As soon as you start playing it, start loading second part of audio, once loading of second part is done, then only load 3rd part and so on otherwise most will suffer buffering issue (if you divided it in many part) and your sever will be busier than required.

Once the 1st part of video is complete, play second audio immediately.

Community
  • 1
  • 1
Yogee
  • 1,412
  • 14
  • 22
-2

I realized I can simply do this:

echo  '<div oncontextmenu="return false;"><audio src="'.$link.'"' . ' autoplay controls></div>';

So now at least some people will be deterred. Thanks.

Brian Huether
  • 179
  • 7