case 'external_share': if (AmpConfig::get('demo_mode')) { UI::access_denied(); exit; } $plugin = new Plugin($_GET['plugin']); if (!$plugin) { UI::access_denied('Access Denied - Unkown external share plugin.'); exit; } $plugin->load($GLOBALS['user']); $type = $_REQUEST['type']; $id = $_REQUEST['id']; $allow_download = $type == 'song' && Access::check_function('download') || Access::check_function('batch_download'); $secret = Share::generate_secret(); $share_id = Share::create_share($type, $id, true, $allow_download, AmpConfig::get('share_expire'), $secret, 0); $share = new Share($share_id); $share->format(true); header("Location: " . $plugin->_plugin->external_share($share->public_url, $share->f_name)); exit; } /** * If Access Control is turned on then we don't * even want them to be able to get to the login * page if they aren't in the ACL */ if (AmpConfig::get('access_control')) { if (!Access::check_network('interface', '', '5')) { debug_event('UI::access_denied', 'Access Denied:' . $_SERVER['REMOTE_ADDR'] . ' is not in the Interface Access list', '3'); UI::access_denied(); exit;
/** * createShare * Create a public url that can be used by anyone to stream media. * Takes the file id with optional description and expires parameters. */ public static function createshare($input) { self::check_version($input, "1.6.0"); $id = self::check_parameter($input, 'id'); $description = $input['description']; if (AmpConfig::get('share')) { if (isset($input['expires'])) { $expires = $input['expires']; // Parse as a string to work on 32-bit computers if (strlen($expires) > 3) { $expires = intval(substr($expires, 0, -3)); } $expire_days = round(($expires - time()) / 86400, 0, PHP_ROUND_HALF_EVEN); } else { $expire_days = AmpConfig::get('share_expire'); } $object_id = Subsonic_XML_Data::getAmpacheId($id); if (Subsonic_XML_Data::isAlbum($id)) { $object_type = 'album'; } else { if (Subsonic_XML_Data::isSong($id)) { $object_type = 'song'; } } if (!empty($object_type)) { $r = Subsonic_XML_Data::createSuccessResponse(); $shares = array(); $shares[] = Share::create_share($object_type, $object_id, true, Access::check_function('download'), $expire_days, Share::generate_secret(), 0, $description); Subsonic_XML_Data::addShares($r, $shares); } else { $r = Subsonic_XML_Data::createError(Subsonic_XML_Data::SSERROR_DATA_NOTFOUND); } } else { $r = Subsonic_XML_Data::createError(Subsonic_XML_Data::SSERROR_UNAUTHORIZED); } self::apiOutput($input, $r); }
require_once AmpConfig::get('prefix') . '/templates/show_add_share.inc.php'; } } UI::show_footer(); exit; case 'create': if (AmpConfig::get('demo_mode')) { UI::access_denied(); exit; } if (!Core::form_verify('add_share', 'post')) { UI::access_denied(); exit; } UI::show_header(); $id = Share::create_share($_REQUEST['type'], $_REQUEST['id'], $_REQUEST['allow_stream'], $_REQUEST['allow_download'], $_REQUEST['expire'], $_REQUEST['secret'], $_REQUEST['max_counter']); if (!$id) { require_once AmpConfig::get('prefix') . '/templates/show_add_share.inc.php'; } else { $share = new Share($id); $body = T_('Share created.') . '<br />' . T_('You can now start sharing the following url:') . '<br />' . '<a href="' . $share->public_url . '" target="_blank">' . $share->public_url . '</a><br />' . '<div id="share_qrcode" style="text-align: center"></div>' . '<script language="javascript" type="text/javascript">$(\'#share_qrcode\').qrcode({text: "' . $share->public_url . '", width: 128, height: 128});</script>' . '<br /><br />' . T_('You can also embed this share as a web player into your website, with the following html code:') . '<br />' . '<i>' . htmlentities('<iframe style="width: 630px; height: 75px;" src="' . Share::get_url($share->id, $share->secret) . '&embed=true"></iframe>') . '</i><br />'; $title = T_('Object Shared'); show_confirmation($title, $body, AmpConfig::get('web_path') . '/stats.php?action=share'); } UI::show_footer(); exit; case 'show_delete': UI::show_header(); $id = $_REQUEST['id']; $next_url = AmpConfig::get('web_path') . '/share.php?action=delete&id=' . scrub_out($id); show_confirmation(T_('Share Delete'), T_('Confirm Deletion Request'), $next_url, 1, 'delete_share');