<?php
define("AUTHUSER", $adultCentroAuthUser);
define("PASSWORD", $adultCentroPassword); // This is CLEAR (not hashed) password for user you can find main user by editing and saving your site or via user management
define("BASE_URL", $adultCentroBaseUrl);
define('SECURE_VALUE_FOR_HASH', $adultCentroSecureValueForHash);
define("AUTH_ADD", $adultCentroAuthAdd);
define("AUTHALIAS", $adultCentroAuthAlias);
define("EXPIRATION_TIMESTAMP", time()+100);

if($_GET['hash'] != md5($adultCentroPassword.$_GET[id].$_SERVER['REMOTE_ADDR'])) { 
	exit();
}


$authaliasRequired = false;

// Now let's add expiration, authalias & make HASH
$contentRequest = array(
	'action'    => 'showGalleries',
	'subAction' => 'listScenes',
	'scenes' => (int)$_GET[id]
);

$contentRequestUrl = BASE_URL . "api/boxedpromo?xml=1&" . http_build_query($contentRequest);

$curl_session = curl_init();
curl_setopt($curl_session, CURLOPT_RETURNTRANSFER, true);
curl_setopt($curl_session, CURLOPT_URL, $contentRequestUrl);
$xml = curl_exec($curl_session);

$responseData = simplexml_load_string($xml);
foreach ($responseData->Dvds->dvd[0]->formats->format as $format) {
	if ($format->extension == 'mp4') {
		$type = $format->types->type[0];
	}
}


if($encodeTrailer) { 
	$link = $responseData->Dvds->dvd[0]->preview; 
	header("Location: $link");
	exit();
} else { 
	$videoLink = preg_replace('/&?hash\s*=\s*[^&]*/i', '', $type->urlApp); 

	$videoLink .= '&till=' . EXPIRATION_TIMESTAMP . ($authaliasRequired ? '&alias=' . AUTHALIAS : '');
	$hash = md5($videoLink . md5(PASSWORD) . SECURE_VALUE_FOR_HASH . EXPIRATION_TIMESTAMP . (empty($checkIp) ? '' : $_SERVER['REMOTE_ADDR']));
	$final_url = $videoLink . '&hash=' . $hash;
	if ($_REQUEST['start']) $final_url .= '&start=' . $_REQUEST['start'];

	header('Location:'.$final_url);
	exit();
}
?>