header('HTTP/1.1 403 Session Expired'); exit; } } } // Now that we've confirmed the session is valid // extend it Session::extend($sid, 'stream'); } } /* Update the users last seen information */ $GLOBALS['user']->update_last_seen(); } else { $secret = $_REQUEST['share_secret']; $share = new Share($share_id); if (!$share->is_valid($secret, 'stream')) { header('HTTP/1.1 403 Access Unauthorized'); exit; } if (!$share->is_shared_media($oid)) { header('HTTP/1.1 403 Access Unauthorized'); exit; } $GLOBALS['user'] = new User($share->user); Preference::init(); } /* If we are in demo mode.. die here */ if (AmpConfig::get('demo_mode') || !Access::check('interface', '25')) { debug_event('UI::access_denied', "Streaming Access Denied:" . AmpConfig::get('demo_mode') . "is the value of demo_mode. Current user level is " . $GLOBALS['user']->access, '3'); UI::access_denied(); exit;
UI::access_denied(); exit; } } // access_control is enabled $id = $_REQUEST['id']; $secret = $_REQUEST['secret']; $share = new Share($id); if (empty($action) && $share->id) { if ($share->allow_stream) { $action = 'stream'; } elseif ($share->allow_download) { $action = 'download'; } } if (!$share->is_valid($secret, $action)) { UI::access_denied(); exit; } $share->format(); $share->save_access(); if ($action == 'download') { if ($share->object_type == 'song' || $share->object_type == 'video') { $_REQUEST['action'] = 'download'; $_REQUEST['type'] = $share->object_type; $_REQUEST[$share->object_type . '_id'] = $share->object_id; require AmpConfig::get('prefix') . '/stream.php'; } else { $_REQUEST['action'] = $share->object_type; $_REQUEST['id'] = $share->object_id; require AmpConfig::get('prefix') . '/batch.php';