--- flashvideo_s3.module.orig	2008-08-30 14:11:56.000000000 +0000
+++ flashvideo_s3.module	2008-11-23 20:56:26.000000000 +0000
@@ -95,11 +95,18 @@ function flashvideo_s3_form_alter($form_
    
      $form['flashvideo_s3']['flashvideo_s3_bucket'] = array(
        '#type' => 'textfield',
-       '#title' => t('S3 Bucket'),
+       '#title' => t('S3 Bucket Prefix'),
        '#default_value' => variable_get('flashvideo_s3_bucket', str_replace(" ", "_", $conf['site_name'])),
-       '#description' => t("Name of the S3 bucket, note this has to be unique."),
+       '#description' => t("Name of the S3 bucket prefix. Note that 'prefix + filepath' must be unique across ALL of S3."),
      );
-   
+	 
+	 $form['flashvideo_s3']['flashvideo_s3_original_make_private'] = array(
+       '#type' => 'checkbox',
+       '#title' => t('Make Original Files bucket Private.'),
+       '#default_value' => variable_get('flashvideo_s3_original_make_private', 0),
+       '#description' => t("Checking this check box will make S3 bucket for original videos private."),
+     );
+	 
      $form['flashvideo_s3']['flashvideo_s3_url'] = array(
        '#type' => 'textfield',
        '#title' => t('S3 URL'),
@@ -174,25 +181,26 @@ function flashvideo_s3_flashvideo_get_fi
    if( !variable_get('flashvideo_s3_enable', 0) || !($s3 = _flashvideo_s3_getS3()) ) {
      return array();
    }
-
+   
    // Get the path from the database and return it... if it does not exist, then just return false.
    if($bucket = db_result(db_query("SELECT bucket FROM {flashvideo_s3} WHERE fid=%d", $file->fid)) ) {
       
       // Get the filename for the file on the Amazon S3 server.
       $filename = basename($file->filepath);
-      
       // Check to make sure this file exists on the Amazon S3 server.
       if($s3->fileExists($bucket, $filename)) {
-      
-         // If they wish to delete the local files, then we need to do this here...
-         if( variable_get('flashvideo_s3_delete', 0) && file_exists(getcwd() . '/' . $file->filepath) ) {
-            // Delete the file
-            file_delete($file->filepath); 
-         }
-      
-         $filepath['file'] = "http://s3.amazonaws.com/". $bucket ."/". $filename;
-         return $filepath;
-      }
+        
+		if (flashvideo_s3_is_original($file) && variable_get('flashvideo_s3_original_make_private',0)) { //If file is private, we want to use authentication string url
+			$lifetime = '1800'; // TODO - make this an option
+			$filepath['file'] = flashvideo_s3_getAuthenticatedURL($bucket, $filename , $lifetime);
+			return $filepath;
+		}
+		else {
+		
+			$filepath['file'] = "http://s3.amazonaws.com/". $bucket ."/". $filename;
+			return $filepath;
+		}
+	  }
       else
       {
          drupal_set_message('File Not found on S3 server:<br/><pre>' . var_export($s3->why(), true) . '</pre>', 'error');
@@ -241,10 +249,22 @@ function flashvideo_s3_flashvideo_save_f
    
   // Now place the file on the server.
   if( $s3->putFile(getcwd() . '/' . $file->filepath, $bucket, $filename) ) {
-    if(!($s3->setACL($bucket, $filename))) {
+   
+   if (flashvideo_s3_is_original($file) && variable_get('flashvideo_s3_original_make_private',0)) { //Do we want the original files to be public or private?
+	$aclshorthand = 'private';
+   }
+   else {
+	$aclshorthand = 'public-read';
+	}
+    
+   if(!($s3->setACL($bucket, $filename, $aclshorthand))) {
       drupal_set_message('Failed setACL:<br/><pre>' . var_export($s3->why(), true) . '</pre>', 'error');
       return array();
     }
+	else {
+		drupal_set_message('setACL:  ' . $file->filename . ' has been set to ' . $aclshorthand);
+	}
+		
   } 
   else
   {
@@ -254,5 +274,49 @@ function flashvideo_s3_flashvideo_save_f
    
   db_query("INSERT INTO {flashvideo_s3} (fid, bucket) VALUES (%d, '%s')", $file->fid, $bucket); 
   drupal_set_message($file->filename . ' has been added to the Amazon S3 server');
+
+  // If they wish to delete the local files, then we need to do this here...
+  if( variable_get('flashvideo_s3_delete', 0) && file_exists(getcwd() . '/' . $file->filepath) ) {
+  // Delete the file
+         file_delete($file->filepath); 
+		 drupal_set_message($file->filepath . ' has been deleted from the local server');
+	}
   return true;
 }
+
+
+/**
+* Get a query string authenticated URL
+* Modified slightly from http://undesigned.org.za/2007/10/22/amazon-s3-php-class
+* @param string $bucket Bucket name
+* @param string $uri Object URI (filename)
+* @param integer $lifetime Lifetime in seconds
+* @return string
+*/
+function flashvideo_s3_getAuthenticatedURL($bucket, $uri, $lifetime) {
+	$expires = time() + $lifetime;
+	if (! variable_get('flashvideo_s3_key', null) || ! variable_get('flashvideo_s3_skey', null)) {
+    drupal_set_message('Error: Must set S3 Access Key and Secret Key!', 'error');
+	return false;
+	}
+	else {
+	$access_key = variable_get('flashvideo_s3_key', null);
+	$secret_key = variable_get('flashvideo_s3_skey', null);
+	return sprintf("http://%s/%s?AWSAccessKeyId=%s&Expires=%u&Signature=%s", 's3.amazonaws.com/' . $bucket ,
+	$uri, $access_key, $expires, urlencode(base64_encode((hash_hmac("sha1", utf8_encode("GET\n\n\n{$expires}\n/{$bucket}/{$uri}"), $secret_key, TRUE)))));
+	}
+}
+	
+/** 
+* check if file is original  (true) or converted (false)
+* This should probably be in flashvideo.module
+*/
+	
+function flashvideo_s3_is_original($file) {
+	if ( get_file_ext($file->filepath) != 'flv' && get_file_ext($file->filepath) != 'jpg' ) {
+		return true;
+	}
+	else {
+		return false;
+	}
+}
\ No newline at end of file