encryption creates missing plugin sometimes when playing modules

one current issue, the encryption password is being transmitted making this completely useless at this time... (to be fixed shortly)

(In [6233]) re #2983 get encryption key out of url, and re #2547

to answer the question from some discussion on the IRC, the changes require this to go through the normal config.php with all the included security checking. So if the user can't get to the recording module they can't hack this either. However, there are many systems that have enabled access to the modules directory to get around the problem in #2547 with access violations, so those systems can still be listened into.

In order to somewhat address this, we will encrypt the path name but leave the sound file name alone since this is pulled out of the DOM and we don't want to pre-encrypt every sound file name in the select box. (This requires several changes and also a lot of overhead especially on an embedded low powered system).

If security is an issue, the modules directory should not allow access (and this should be the case anyhow). That should resolve the real problem.

(In [6234]) fixes #2983 now we encrypt the path but not the sound file, for real security, make sure modules diretory is locked down