Пример #1
0
 private function __construct()
 {
     //Session::$ttl = ConfigHandler::getValue('session', 'ttl');
     Session::$ttl = defined('SESSION_TTL') ? SESSION_TTL : 3600;
     // Set the save handlers
     session_set_save_handler(array('Session', "start"), array('Session', "end"), array('Session', "read"), array('Session', "write"), array('Session', "destroy"), array('Session', "gc"));
     Session::gc();
     // Only start a new session if there is not already one.
     if (!isset($_SESSION)) {
         session_start();
     }
     // Possibly give a notice or something if it's started previously... or maybe not, shrug.
 }
Пример #2
0
/**
 * show_now_playing
 * This shows the now playing templates and does some garbage collecion
 * this should really be somewhere else
 */
function show_now_playing()
{
    Session::gc();
    Stream::gc_now_playing();
    $web_path = AmpConfig::get('web_path');
    $results = Stream::get_now_playing();
    require_once AmpConfig::get('prefix') . UI::find_template('show_now_playing.inc.php');
}
Пример #3
0
 public static function auth_user()
 {
     $isLocal = self::is_local();
     $headers = apache_request_headers();
     $myplex_token = $headers['X-Plex-Token'];
     if (empty($myplex_token)) {
         $myplex_token = $_REQUEST['X-Plex-Token'];
     }
     if (!$isLocal) {
         $match_users = AmpConfig::get('plex_match_email');
         $myplex_username = $headers['X-Plex-Username'];
         if (empty($myplex_token)) {
             // Never fail OPTIONS requests
             if ($_SERVER['REQUEST_METHOD'] == 'OPTIONS') {
                 self::setPlexHeader($headers);
                 exit;
             } else {
                 debug_event('Access Control', 'Authentication token is missing.', '3');
                 self::createError(401);
             }
         }
         $createSession = false;
         Session::gc();
         $username = "";
         $email = trim(Session::read((string) $myplex_token));
         if (empty($email)) {
             $createSession = true;
             $xml = self::get_server_authtokens();
             $validToken = false;
             foreach ($xml->access_token as $tk) {
                 if ((string) $tk['token'] == $myplex_token) {
                     $username = (string) $tk['username'];
                     // We should apply filter and access restriction to shared sections only, but that's not easily possible with current Ampache architecture
                     $validToken = true;
                     break;
                 }
             }
             if (!$validToken) {
                 debug_event('Access Control', 'Auth-Token ' . $myplex_token . ' invalid for this server.', '3');
                 self::createError(401);
             }
         }
         // Need to get a match between Plex and Ampache users
         if ($match_users) {
             if (!AmpConfig::get('access_control')) {
                 debug_event('Access Control', 'Error Attempted to use Plex with Access Control turned off and plex/ampache link enabled.', '3');
                 self::createError(401);
             }
             if (empty($email)) {
                 $xml = self::get_users_account();
                 if ((string) $xml->username == $username) {
                     $email = (string) $xml->email;
                 } else {
                     $xml = self::get_server_friends();
                     foreach ($xml->User as $xuser) {
                         if ((string) $xuser['username'] == $username) {
                             $email = (string) $xuser['email'];
                         }
                     }
                 }
             }
             if (!empty($email)) {
                 $user = User::get_from_email($email);
             }
             if (!isset($user) || !$user->id) {
                 debug_event('Access Denied', 'Unable to get an Ampache user match for email ' . $email, '3');
                 self::createError(401);
             } else {
                 $username = $user->username;
                 if (!Access::check_network('init-api', $username, 5)) {
                     debug_event('Access Denied', 'Unauthorized access attempt to Plex [' . $_SERVER['REMOTE_ADDR'] . ']', '3');
                     self::createError(401);
                 } else {
                     $GLOBALS['user'] = $user;
                     $GLOBALS['user']->load_playlist();
                 }
             }
         } else {
             $email = $username;
             $username = null;
             $GLOBALS['user'] = new User();
             $GLOBALS['user']->load_playlist();
         }
         if ($createSession) {
             // Create an Ampache session from Plex authtoken
             Session::create(array('type' => 'api', 'sid' => $myplex_token, 'username' => $username, 'value' => $email));
         }
     } else {
         AmpConfig::set('cookie_path', '/', true);
         $sid = $_COOKIE[AmpConfig::get('session_name')];
         if (!$sid) {
             $sid = $myplex_token;
             if ($sid) {
                 session_id($sid);
                 Session::create_cookie();
             }
         }
         if (!empty($sid) && Session::exists('api', $sid)) {
             Session::check();
             $GLOBALS['user'] = User::get_from_username($_SESSION['userdata']['username']);
         } else {
             $GLOBALS['user'] = new User();
             $data = array('type' => 'api', 'sid' => $sid);
             Session::create($data);
             Session::check();
         }
         $GLOBALS['user']->load_playlist();
     }
 }
Пример #4
0
 /**
  * The garbage collector, this is executed when the session garbage collector is executed and takes the max session lifetime as its only parameter.
  */
 public function testGarbageCollector()
 {
     Session::gc();
 }
Пример #5
0
 public static function init_session()
 {
     Session::gc();
     $session_data = Session::start();
     AppContext::set_session($session_data);
     AppContext::init_current_user();
     $current_user = AppContext::get_current_user();
     $user_accounts_config = UserAccountsConfig::load();
     $user_theme = ThemesManager::get_theme($current_user->get_theme());
     $default_theme = $user_accounts_config->get_default_theme();
     if ($user_theme === null || (!$user_theme->check_auth() || !$user_theme->is_activated()) && $user_theme->get_id() !== $default_theme) {
         AppContext::get_current_user()->update_theme($default_theme);
     }
     $user_lang = LangsManager::get_lang($current_user->get_locale());
     $default_lang = $user_accounts_config->get_default_lang();
     if ($user_lang === null || (!$user_lang->check_auth() || !$user_lang->is_activated()) && $user_lang->get_id() !== $default_lang) {
         AppContext::get_current_user()->update_lang($default_lang);
     }
 }
Пример #6
0
<?php

define('PATH_TO_ROOT', '..');
define('DEBUG', TRUE);
require_once PATH_TO_ROOT . '/kernel/framework/core/environment/Environment.class.php';
Environment::load_imports();
Environment::load_static_constants();
AppContext::set_request(new HTTPRequestCustom());
Session::gc();
$session_data = Session::start();
AppContext::set_session($session_data);
AppContext::init_current_user();
require_once PATH_TO_ROOT . '/test/PHPUnit/Framework.php';
if (isset($argv)) {
    array_shift($argv);
    $_REQUEST['params'] = implode(' ', $argv);
    $_REQUEST['is_html'] = false;
}
if (!empty($_REQUEST['params'])) {
    // Fake command line environment
    $argv = $_REQUEST['params'];
    $_SERVER['argv'] = explode(' ', '--configuration ./phpunit.cfg.xml ' . $argv);
} else {
    $_SERVER['argv'] = array();
}
$is_html = isset($_REQUEST['is_html']) && $_REQUEST['is_html'] == true;
if (!$is_html) {
    echo '<pre>';
}
//Debug::dump($_SERVER['argv']);
require_once PATH_TO_ROOT . '/test/phpunit.php';
Пример #7
0
#!/usr/bin/env php
<?php 
/*
 * StatusNet - the distributed open-source microblogging tool
 * Copyright (C) 2008, 2009, StatusNet, Inc.
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU Affero General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU Affero General Public License for more details.
 *
 * You should have received a copy of the GNU Affero General Public License
 * along with this program.  If not, see <http://www.gnu.org/licenses/>.
 */
define('INSTALLDIR', realpath(dirname(__FILE__) . '/..'));
$helptext = <<<END_OF_GC_HELP
sessiongc.php

Delete old sessions from the server

END_OF_GC_HELP;
require_once INSTALLDIR . '/scripts/commandline.inc';
$maxlifetime = ini_get('session.gc_maxlifetime');
print "Deleting sessions older than {$maxlifetime} seconds.\n";
Session::gc($maxlifetime);