public static function process() { header('Content-Type: application/json'); ob_start(); define('CLI', true); $catalog_id = AmpConfig::get('upload_catalog'); if ($catalog_id > 0) { $catalog = Catalog::create_from_id($catalog_id); if ($catalog->catalog_type == "local") { $allowed = explode('|', AmpConfig::get('catalog_file_pattern')); if (isset($_FILES['upl']) && $_FILES['upl']['error'] == 0) { $extension = pathinfo($_FILES['upl']['name'], PATHINFO_EXTENSION); if (!in_array(strtolower($extension), $allowed)) { debug_event('upload', 'File extension `' . $extension . '` not allowed.', '2'); return self::rerror(); } $rootdir = self::get_root($catalog); $targetdir = $rootdir; $folder = $_POST['folder']; if ($folder == '..') { $folder = ''; } if (!empty($folder)) { $targetdir .= DIRECTORY_SEPARATOR . $folder; } $targetdir = realpath($targetdir); if (strpos($targetdir, $rootdir) === FALSE) { debug_event('upload', 'Something wrong with final upload path.', '1'); return self::rerror(); } $targetfile = $targetdir . DIRECTORY_SEPARATOR . time() . '_' . $_FILES['upl']['name']; if (Core::is_readable($targetfile)) { debug_event('upload', 'File `' . $targetfile . '` already exists.', '1'); return self::rerror(); } if (move_uploaded_file($_FILES['upl']['tmp_name'], $targetfile)) { debug_event('upload', 'File uploaded to `' . $targetfile . '`.', '5'); if (AmpConfig::get('upload_script')) { chdir($targetdir); exec(AmpConfig::get('upload_script')); } $options = array(); $options['user_upload'] = $GLOBALS['user']->id; if (isset($_POST['license'])) { $options['license'] = $_POST['license']; } $artist_id = intval($_REQUEST['artist']); $album_id = intval($_REQUEST['album']); // Override artist information with artist's user if (AmpConfig::get('upload_user_artist')) { $artists = $GLOBALS['user']->get_artists(); $artist = null; // No associated artist yet, we create a default one for the user sender if (count($artists) == 0) { $artists[] = Artist::check($GLOBALS['user']->f_name); $artist = new Artist($artists[0]); $artist->update_artist_user($GLOBALS['user']->id); } else { $artist = new Artist($artists[0]); } $artist_id = $artist->id; } else { // Try to create a new artist if (isset($_REQUEST['artist_name'])) { $artist_id = Artist::check($_REQUEST['artist_name'], null, true); if ($artist_id && !Access::check('interface', 50)) { debug_event('upload', 'An artist with the same name already exists, uploaded song skipped.', 3); return self::rerror($targetfile); } else { $artist_id = Artist::check($_REQUEST['artist_name']); $artist = new Artist($artist_id); if (!$artist->get_user_owner()) { $artist->update_artist_user($GLOBALS['user']->id); } } } if (!Access::check('interface', 50)) { // If the user doesn't have privileges, check it is assigned to an artist he owns if (!$artist_id) { debug_event('upload', 'Artist information required, uploaded song skipped.', 3); return self::rerror($targetfile); } $artist = new Artist($artist_id); if ($artist->get_user_owner() != $GLOBALS['user']->id) { debug_event('upload', 'Artist owner doesn\'t match the current user.', 3); return self::rerror($targetfile); } } } // Try to create a new album if (isset($_REQUEST['album_name'])) { $album_id = Album::check($_REQUEST['album_name'], 0, 0, null, null, $artist_id); } if (!Access::check('interface', 50)) { // If the user doesn't have privileges, check it is assigned to an album he owns if (!$album_id) { debug_event('upload', 'Album information required, uploaded song skipped.', 3); return self::rerror($targetfile); } $album = new Album($album_id); if ($album->get_user_owner() != $GLOBALS['user']->id) { debug_event('upload', 'Album owner doesn\'t match the current user.', 3); return self::rerror($targetfile); } } if ($artist_id) { $options['artist_id'] = $artist_id; } if ($album_id) { $options['album_id'] = $album_id; } $catalog->add_file($targetfile, $options); ob_get_contents(); ob_end_clean(); echo '{"status":"success"}'; return true; } else { debug_event('upload', 'Cannot copy the file to target directory. Please check write access.', '1'); } } } else { debug_event('upload', 'The catalog must be local to upload files on it.', '1'); } } else { debug_event('upload', 'No catalog target upload configured.', '1'); } return self::rerror(); }
/** * Get item's owner. * @return int|null */ public function get_user_owner() { if (!$this->album_artist) { return null; } $artist = new Artist($this->album_artist); return $artist->get_user_owner(); }