Pepperhorn is a small print/sheet music publishing company selling sheet music online for our clients to print at home on their printers. In order to secure the sheet music I'm wrapping the sheet music in an swf viewer. We're running the site through Wordpress/WP-Ecommerce and the .swf files are in a downloadables folder within public_html that needs to be locked down with htaccess to prevent direct linking.
I have a php template file that we're using to check the client's browser so it can properly embed the .swf depending on their setup. What I need is a script to get the .swf files securely from the downloadables directory to be embedded via our template. What we need is a time/session limited stream server-side (so we don't have to worry about http referer checks, etc via htaccess) to place the file on the page. I also have to make sure the client can't share the link, so creating a unique session for each access instance and incorporating an ip check in the unique session would be ideal. The main goal is to serve up the files as securely as possible to prevent savvy clients from direct linking to or downloading the .swf files.
Please include a summary of your solution with your bid. Thanks!