exit;
case 'external_share':
if (AmpConfig::get('demo_mode')) {
UI::access_denied();
exit;
}
$plugin = new Plugin($_GET['plugin']);
if (!$plugin) {
UI::access_denied('Access Denied - Unkown external share plugin.');
exit;
}
$plugin->load($GLOBALS['user']);
$type = $_REQUEST['type'];
$id = $_REQUEST['id'];
$allow_download = $type == 'song' && Access::check_function('download') || Access::check_function('batch_download');
$secret = Share::generate_secret();
$share_id = Share::create_share($type, $id, true, $allow_download, AmpConfig::get('share_expire'), $secret, 0);
$share = new Share($share_id);
$share->format(true);
header("Location: " . $plugin->_plugin->external_share($share->public_url, $share->f_name));
exit;
}
/**
* If Access Control is turned on then we don't
* even want them to be able to get to the login
* page if they aren't in the ACL
*/
if (AmpConfig::get('access_control')) {
if (!Access::check_network('interface', '', '5')) {
debug_event('UI::access_denied', 'Access Denied:' . $_SERVER['REMOTE_ADDR'] . ' is not in the Interface Access list', '3');
UI::access_denied();
/**
* createShare
* Create a public url that can be used by anyone to stream media.
* Takes the file id with optional description and expires parameters.
*/
public static function createshare($input)
{
self::check_version($input, "1.6.0");
$id = self::check_parameter($input, 'id');
$description = $input['description'];
if (AmpConfig::get('share')) {
if (isset($input['expires'])) {
$expires = $input['expires'];
// Parse as a string to work on 32-bit computers
if (strlen($expires) > 3) {
$expires = intval(substr($expires, 0, -3));
}
$expire_days = round(($expires - time()) / 86400, 0, PHP_ROUND_HALF_EVEN);
} else {
$expire_days = AmpConfig::get('share_expire');
}
$object_id = Subsonic_XML_Data::getAmpacheId($id);
if (Subsonic_XML_Data::isAlbum($id)) {
$object_type = 'album';
} else {
if (Subsonic_XML_Data::isSong($id)) {
$object_type = 'song';
}
}
if (!empty($object_type)) {
$r = Subsonic_XML_Data::createSuccessResponse();
$shares = array();
$shares[] = Share::create_share($object_type, $object_id, true, Access::check_function('download'), $expire_days, Share::generate_secret(), 0, $description);
Subsonic_XML_Data::addShares($r, $shares);
} else {
$r = Subsonic_XML_Data::createError(Subsonic_XML_Data::SSERROR_DATA_NOTFOUND);
}
} else {
$r = Subsonic_XML_Data::createError(Subsonic_XML_Data::SSERROR_UNAUTHORIZED);
}
self::apiOutput($input, $r);
}
?>
</td>
<td>
<?php
echo $object->f_link;
?>
</td>
</tr>
<tr>
<td><?php
echo T_('Secret');
?>
</td>
<td>
<input type="text" name="secret" value="<?php
echo scrub_out($_REQUEST['secret'] ?: Share::generate_secret());
?>
" />
<?php
AmpError::display('secret');
?>
</td>
</tr>
<tr>
<td><?php
echo T_('Max Counter');
?>
</td>
<td>
<input type="text" name="max_counter" value="<?php
echo scrub_out($_REQUEST['max_counter'] ?: '0');
