/**
  * Register the service provider.
  *
  * @return void
  */
 public function register()
 {
     //
     // register a Custom Session SP at startup
     \Session::extend('custom-memcached', function ($app) {
         $minutes = $this->app['config']['session.lifetime'];
         $memcached = $app['config']['memcached.instance'];
         if (is_callable($memcached)) {
             $memcached = $memcached();
         } else {
             throw new \RuntimeException("Could not find memcached instance closure in config memcached.instance.");
         }
         $repo = new Repository(new \Illuminate\Cache\MemcachedStore($memcached, $app['config']['cache.prefix']));
         return new CacheBasedSessionHandler($repo, $minutes);
     });
 }
Exemplo n.º 2
0
 protected function broadcastMessage($clients, $cmd, $value = '')
 {
     $msg = $cmd . ':' . $value . ';';
     foreach ($clients as $client) {
         $sid = $this->sids[$client->resourceId];
         if ($sid) {
             Session::extend($sid, 'stream');
         }
         $client->send($msg);
     }
 }
Exemplo n.º 3
0
    }
} else {
    if (isset($_REQUEST['sid'])) {
        session_name(AmpConfig::get('session_name'));
        session_id(scrub_in($_REQUEST['sid']));
        session_start();
        $GLOBALS['user'] = new User($_SESSION['userdata']['uid']);
    } else {
        $GLOBALS['user'] = new User();
    }
}
// If NO_SESSION passed
// Load the Preferences from the database
Preference::init();
if (session_id()) {
    Session::extend(session_id());
    // We only need to create the tmp playlist if we have a session
    $GLOBALS['user']->load_playlist();
}
/* Add in some variables for ajax done here because we need the user */
AmpConfig::set('ajax_url', AmpConfig::get('web_path') . '/server/ajax.server.php', true);
AmpConfig::set('ajax_server', AmpConfig::get('web_path') . '/server', true);
// Load gettext mojo
load_gettext();
/* Set CHARSET */
header("Content-Type: text/html; charset=" . AmpConfig::get('site_charset'));
/* Clean up a bit */
unset($array);
unset($results);
/* Check to see if we need to perform an update */
if (!defined('OUTDATED_DATABASE_OK')) {
Exemplo n.º 4
0
if (!Session::exists('api', $_REQUEST['auth']) and $_REQUEST['action'] != 'handshake' and $_REQUEST['action'] != 'ping') {
    debug_event('Access Denied', 'Invalid Session attempt to API [' . $_REQUEST['action'] . ']', '3');
    ob_end_clean();
    echo XML_Data::error('401', T_('Session Expired'));
    exit;
}
// If the session exists then let's try to pull some data from it to see if we're still allowed to do this
$username = $_REQUEST['action'] == 'handshake' || $_REQUEST['action'] == 'ping' ? $_REQUEST['user'] : Session::username($_REQUEST['auth']);
if (!Access::check_network('init-api', $username, 5)) {
    debug_event('Access Denied', 'Unauthorized access attempt to API [' . $_SERVER['REMOTE_ADDR'] . ']', '3');
    ob_end_clean();
    echo XML_Data::error('403', T_('Unauthorized access attempt to API - ACL Error'));
    exit;
}
if ($_REQUEST['action'] != 'handshake' and $_REQUEST['action'] != 'ping') {
    Session::extend($_REQUEST['auth']);
    $GLOBALS['user'] = User::get_from_username($username);
}
// Get the list of possible methods for the Ampache API
$methods = get_class_methods('api');
// Define list of internal functions that should be skipped
$internal_functions = array('set_filter');
// Recurse through them and see if we're calling one of them
foreach ($methods as $method) {
    if (in_array($method, $internal_functions)) {
        continue;
    }
    // If the method is the same as the action being called
    // Then let's call this function!
    if ($_GET['action'] == $method) {
        call_user_func(array('api', $method), $_GET);
Exemplo n.º 5
0
 /**
  * ping
  * This can be called without being authenticated, it is useful for determining if what the status
  * of the server is, and what version it is running/compatible with
  */
 public static function ping($input)
 {
     $xmldata = array('server' => AmpConfig::get('version'), 'version' => Api::$version, 'compatible' => '350001');
     // Check and see if we should extend the api sessions (done if valid sess is passed)
     if (Session::exists('api', $input['auth'])) {
         Session::extend($input['auth']);
         $xmldata = array_merge(array('session_expire' => date("c", time() + AmpConfig::get('session_length') - 60)), $xmldata);
     }
     debug_event('API', 'Ping Received from ' . $_SERVER['REMOTE_ADDR'] . ' :: ' . $input['auth'], '5');
     ob_end_clean();
     echo XML_Data::keyed_array($xmldata);
 }
Exemplo n.º 6
0
            if (!AmpConfig::get('require_localnet_session') and Access::check_network('network', $GLOBALS['user']->id, '5')) {
                debug_event('play', 'Streaming access allowed for local network IP ' . $_SERVER['REMOTE_ADDR'], '5');
            } else {
                if (!Session::exists('stream', $sid)) {
                    // No valid session id given, try with cookie session from web interface
                    $sid = $_COOKIE[AmpConfig::get('session_name')];
                    if (!Session::exists('interface', $sid)) {
                        debug_event('UI::access_denied', 'Streaming access denied: ' . $GLOBALS['user']->username . "'s session has expired", 3);
                        header('HTTP/1.1 403 Session Expired');
                        exit;
                    }
                }
            }
            // Now that we've confirmed the session is valid
            // extend it
            Session::extend($sid, 'stream');
        }
    }
    /* Update the users last seen information */
    $GLOBALS['user']->update_last_seen();
} else {
    $secret = $_REQUEST['share_secret'];
    $share = new Share($share_id);
    if (!$share->is_valid($secret, 'stream')) {
        header('HTTP/1.1 403 Access Unauthorized');
        exit;
    }
    if (!$share->is_shared_media($oid)) {
        header('HTTP/1.1 403 Access Unauthorized');
        exit;
    }
Exemplo n.º 7
0
 * GNU General Public license for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program. If not, see <http://www.gnu.org/licenses/>.
 *
 * @category	FluxBB
 * @package		Core
 * @copyright	Copyright (c) 2008-2012 FluxBB (http://fluxbb.org)
 * @license		http://www.gnu.org/licenses/gpl.html	GNU General Public License
 */
define('FLUXBB_VERSION', '2.0-alpha1');
Autoloader::namespaces(array('fluxbb' => __DIR__ . DS . 'classes'));
if (fluxbb\Core::installed()) {
    Request::set_env('fluxbb');
}
// Set up our custom session handler
if (!Request::cli() && !Session::started()) {
    Session::extend('fluxbb::session', function () {
        return new fluxbb\Session\Driver(Laravel\Database::connection());
    });
    Config::set('session.driver', 'fluxbb::session');
    Session::load();
}
// View composers
require 'helpers/composers.php';
// Route filters
require 'helpers/filters.php';
// HTML helpers
require 'helpers/html.php';
// Validators
require 'helpers/validator.php';