case 'external_share':
if (AmpConfig::get('demo_mode')) {
UI::access_denied();
exit;
}
$plugin = new Plugin($_GET['plugin']);
if (!$plugin) {
UI::access_denied('Access Denied - Unkown external share plugin.');
exit;
}
$plugin->load($GLOBALS['user']);
$type = $_REQUEST['type'];
$id = $_REQUEST['id'];
$allow_download = $type == 'song' && Access::check_function('download') || Access::check_function('batch_download');
$secret = Share::generate_secret();
$share_id = Share::create_share($type, $id, true, $allow_download, AmpConfig::get('share_expire'), $secret, 0);
$share = new Share($share_id);
$share->format(true);
header("Location: " . $plugin->_plugin->external_share($share->public_url, $share->f_name));
exit;
}
/**
* If Access Control is turned on then we don't
* even want them to be able to get to the login
* page if they aren't in the ACL
*/
if (AmpConfig::get('access_control')) {
if (!Access::check_network('interface', '', '5')) {
debug_event('UI::access_denied', 'Access Denied:' . $_SERVER['REMOTE_ADDR'] . ' is not in the Interface Access list', '3');
UI::access_denied();
exit;
/**
* createShare
* Create a public url that can be used by anyone to stream media.
* Takes the file id with optional description and expires parameters.
*/
public static function createshare($input)
{
self::check_version($input, "1.6.0");
$id = self::check_parameter($input, 'id');
$description = $input['description'];
if (AmpConfig::get('share')) {
if (isset($input['expires'])) {
$expires = $input['expires'];
// Parse as a string to work on 32-bit computers
if (strlen($expires) > 3) {
$expires = intval(substr($expires, 0, -3));
}
$expire_days = round(($expires - time()) / 86400, 0, PHP_ROUND_HALF_EVEN);
} else {
$expire_days = AmpConfig::get('share_expire');
}
$object_id = Subsonic_XML_Data::getAmpacheId($id);
if (Subsonic_XML_Data::isAlbum($id)) {
$object_type = 'album';
} else {
if (Subsonic_XML_Data::isSong($id)) {
$object_type = 'song';
}
}
if (!empty($object_type)) {
$r = Subsonic_XML_Data::createSuccessResponse();
$shares = array();
$shares[] = Share::create_share($object_type, $object_id, true, Access::check_function('download'), $expire_days, Share::generate_secret(), 0, $description);
Subsonic_XML_Data::addShares($r, $shares);
} else {
$r = Subsonic_XML_Data::createError(Subsonic_XML_Data::SSERROR_DATA_NOTFOUND);
}
} else {
$r = Subsonic_XML_Data::createError(Subsonic_XML_Data::SSERROR_UNAUTHORIZED);
}
self::apiOutput($input, $r);
}
require_once AmpConfig::get('prefix') . '/templates/show_add_share.inc.php';
}
}
UI::show_footer();
exit;
case 'create':
if (AmpConfig::get('demo_mode')) {
UI::access_denied();
exit;
}
if (!Core::form_verify('add_share', 'post')) {
UI::access_denied();
exit;
}
UI::show_header();
$id = Share::create_share($_REQUEST['type'], $_REQUEST['id'], $_REQUEST['allow_stream'], $_REQUEST['allow_download'], $_REQUEST['expire'], $_REQUEST['secret'], $_REQUEST['max_counter']);
if (!$id) {
require_once AmpConfig::get('prefix') . '/templates/show_add_share.inc.php';
} else {
$share = new Share($id);
$body = T_('Share created.') . '<br />' . T_('You can now start sharing the following url:') . '<br />' . '<a href="' . $share->public_url . '" target="_blank">' . $share->public_url . '</a><br />' . '<div id="share_qrcode" style="text-align: center"></div>' . '<script language="javascript" type="text/javascript">$(\'#share_qrcode\').qrcode({text: "' . $share->public_url . '", width: 128, height: 128});</script>' . '<br /><br />' . T_('You can also embed this share as a web player into your website, with the following html code:') . '<br />' . '<i>' . htmlentities('<iframe style="width: 630px; height: 75px;" src="' . Share::get_url($share->id, $share->secret) . '&embed=true"></iframe>') . '</i><br />';
$title = T_('Object Shared');
show_confirmation($title, $body, AmpConfig::get('web_path') . '/stats.php?action=share');
}
UI::show_footer();
exit;
case 'show_delete':
UI::show_header();
$id = $_REQUEST['id'];
$next_url = AmpConfig::get('web_path') . '/share.php?action=delete&id=' . scrub_out($id);
show_confirmation(T_('Share Delete'), T_('Confirm Deletion Request'), $next_url, 1, 'delete_share');
