📝 The powerpoint viewer (google gview) tweak implementation.

This implementation protects against an ordinary user from stealing a powerpoint presentation by hiding the new window pop-up and hiding the file to show if viewings source in browser. This is NOT a 100% protection, a user who is a skilled web-developer (hacker) can anyway find the location of the .pptx file used and get it by using misc. developer methods. Test of the implementation for a .pptx file can be found here: Test of a pptx and for a .pdf file here: Test of a pdf.

Stealth PPT Viewer & Management System

Table of Contents

1. File Inventory & Directory Mapping
2. The Master Viewer (pptviewflat.shtml)
3. The "Center-Clip" Stealth Technique
4. The Logic Layer (load-document.php)
5. Administrative Management (admin.php)
6. Security & Implementation Checklist

1. File Inventory & Directory Mapping

The system is comprised of the following files. All files should reside in the same server directory.

File Name	Type	Access	Description
`pptviewflat.shtml`	Main Page	Public	The user-facing viewer (HTML/CSS/JS).
`admin.php`	Control	Private	Management GUI for adding/deleting presentations.
`load-document.php`	Logic Engine	Public	Gateway that performs secret redirects via `document-list.php`.
`document-list.php`	Database	Server	PHP array of Secret URLs (Managed by admin.php).
`ppt-names.inc`	Database	Public/SSI	JS object of Friendly Names (Managed by admin.php).

2. The Master Viewer (pptviewflat.shtml)

Uses Server Side Includes (SSI) to inject metadata and JavaScript to manage the display state. The browser history (Back button) is supported via the popstate listener.

HTML Hooks & SSI Structure

<!-- DATA INJECTION -->
<!--#include virtual="ppt-names.inc" -->

<!-- UI HEADER: ID and Name injected here -->
<div class="ppt-header">
    <span id="display-id"></span>
    <span id="display-name"></span>
</div>

3. The "Center-Clip" Stealth Technique

Google's UI is hidden using a CSS "Mask" technique. By making the iframe wider than the container and shifting its position, we crop out the UI elements.

CSS Logic

.ppt-container {
    position: relative; width: 100%; height: 600px; 
    overflow: hidden; background: #000;
}
.ppt-frame {
    position: absolute; left: 50%; transform: translateX(-50%);
    top: -50px;       /* Hides Top Bar */
    width: 140%;      /* Hides Side Buttons */
    height: calc(100% + 60px); 
    border: none;
}

4. The Logic Layer (load-document.php)

This script is the security gatekeeper. It performs a referer check to ensure requests come from your domain, then includes the document-list.php vault to find the redirect destination.

include(__DIR__ . '/document-list.php'); // Direct link to URL vault
if (array_key_exists($doc_id, $documents)) {
    header("Location: " . $documents[$doc_id]);
    exit;
}

5. Administrative Management (admin.php)

The Presentation Manager provides a secure interface to update your library without writing code. Password: see the source file

Add: Fill in the bottom light-blue row and Save.
Edit: Update text in the Name or URL fields.
Delete: Check the box and Save.
Note: Data files must be chmod 666 to allow saving.

6. Security & Implementation Checklist

Target	Method	Result
URL Privacy	PHP Bridge	The .pptx path never appears in the browser source code.
Control Privacy	Center-Clipping	Google's "Download" and "Pop-out" buttons are invisible.
Admin Security	Basic Auth	Unauthorized users cannot view or edit the URL list.

Pro-Tip: If the PowerPoint appears too small, increase the zoom: 1.1; on the .ppt-frame class or adjust the width: 140% to a higher value for a tighter crop.