From: "Jacob Kruger" on
FWIW, and might be minorly interesting, but in order to use something like
the following HTML tag in a page to play a sound in the background, but
without actually allowing them to see the actual file name to prevent the
file from being directly downloaded:

<bgsound src="sndsrc.php" loop="1" />

Then in the sndsrc.php file:
//wav = "audio/x-wav"
//mp3 = "audio/mpeg"
$PhysicalFileName = "realsource.wav";
header('HTTP/1.1 200 OK', True, 200);
header('Content-Description: File Transfer');
header('Content-Type: audio/x-wav');
header('Content-Disposition: attachment; filename="redirected.wav"');
header('Content-Transfer-Encoding: binary');
header('Expires: 0');
header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
header('Pragma: public');
header('Content-Length: ' . filesize($PhysicalFileName));
readfile($PhysicalFileName);

Suppose it would let you then at the very least double check session usage,
or maybe check requesting URL or something to then block them from
downloading the file directly as such.

Stay well

Jacob Kruger
Blind Biker
Skype: BlindZA
'...fate had broken his body, but not his spirit...'


__________ Information from ESET NOD32 Antivirus, version of virus signature database 4911 (20100303) __________

The message was checked by ESET NOD32 Antivirus.

http://www.eset.com




__________ Information from ESET NOD32 Antivirus, version of virus signature database 4912 (20100303) __________

The message was checked by ESET NOD32 Antivirus.

http://www.eset.com