Sometimes when I need to get some code into Articulate early in a presentations life cycle I hijack the null.swf file. Articulate seems to use this file as a place holder for swfs it may or may not load later. The null.swf itself really doesnt have any AS code in it so it's a good place to play.
Keep in mind it gets loaded more then once so you may need to build some checks into your code to make sure you dont repeat yourself.
Here is an example of 'security' using this file. Let's say I wanted to make sure my courses where only run off my own site I could use this:
var urlString = ExternalInterface.call("window.location.href.toString")
That looks for two strings in the URL. Try it your self... click this link:
Then remove the xyz from the URL in your addressbar and hit enter.
Of course this is not h8kr proof but it keeps most folks out.
You could use other data to validate; dates, database info, users, etc. I just used the URL string as an example.
The screenr below will explain how it works:
I didn't know Articulate uses a null.swf file. That's a pretty interesting vulnerability, though Flash's (and the browser's) cross-domain security policy should protect most courses from malicious scripting.
But lets say I want that this flash should be played only in autheticated web sessions, How can I do that ?
If I host a LMS, I want that only registered users who has paid for the course should be able to watch the flash.
Injected of the codes on the all software for the activation is only being assured that which code you are injecting is real or fake. Otherwise system will detect that code and from the https://australianwritings.net/ website the emergency notification will send to the server of the software.