exit; case 'external_share': if (AmpConfig::get('demo_mode')) { UI::access_denied(); exit; } $plugin = new Plugin($_GET['plugin']); if (!$plugin) { UI::access_denied('Access Denied - Unkown external share plugin.'); exit; } $plugin->load($GLOBALS['user']); $type = $_REQUEST['type']; $id = $_REQUEST['id']; $allow_download = $type == 'song' && Access::check_function('download') || Access::check_function('batch_download'); $secret = Share::generate_secret(); $share_id = Share::create_share($type, $id, true, $allow_download, AmpConfig::get('share_expire'), $secret, 0); $share = new Share($share_id); $share->format(true); header("Location: " . $plugin->_plugin->external_share($share->public_url, $share->f_name)); exit; } /** * If Access Control is turned on then we don't * even want them to be able to get to the login * page if they aren't in the ACL */ if (AmpConfig::get('access_control')) { if (!Access::check_network('interface', '', '5')) { debug_event('UI::access_denied', 'Access Denied:' . $_SERVER['REMOTE_ADDR'] . ' is not in the Interface Access list', '3'); UI::access_denied();
/** * createShare * Create a public url that can be used by anyone to stream media. * Takes the file id with optional description and expires parameters. */ public static function createshare($input) { self::check_version($input, "1.6.0"); $id = self::check_parameter($input, 'id'); $description = $input['description']; if (AmpConfig::get('share')) { if (isset($input['expires'])) { $expires = $input['expires']; // Parse as a string to work on 32-bit computers if (strlen($expires) > 3) { $expires = intval(substr($expires, 0, -3)); } $expire_days = round(($expires - time()) / 86400, 0, PHP_ROUND_HALF_EVEN); } else { $expire_days = AmpConfig::get('share_expire'); } $object_id = Subsonic_XML_Data::getAmpacheId($id); if (Subsonic_XML_Data::isAlbum($id)) { $object_type = 'album'; } else { if (Subsonic_XML_Data::isSong($id)) { $object_type = 'song'; } } if (!empty($object_type)) { $r = Subsonic_XML_Data::createSuccessResponse(); $shares = array(); $shares[] = Share::create_share($object_type, $object_id, true, Access::check_function('download'), $expire_days, Share::generate_secret(), 0, $description); Subsonic_XML_Data::addShares($r, $shares); } else { $r = Subsonic_XML_Data::createError(Subsonic_XML_Data::SSERROR_DATA_NOTFOUND); } } else { $r = Subsonic_XML_Data::createError(Subsonic_XML_Data::SSERROR_UNAUTHORIZED); } self::apiOutput($input, $r); }
?> </td> <td> <?php echo $object->f_link; ?> </td> </tr> <tr> <td><?php echo T_('Secret'); ?> </td> <td> <input type="text" name="secret" value="<?php echo scrub_out($_REQUEST['secret'] ?: Share::generate_secret()); ?> " /> <?php AmpError::display('secret'); ?> </td> </tr> <tr> <td><?php echo T_('Max Counter'); ?> </td> <td> <input type="text" name="max_counter" value="<?php echo scrub_out($_REQUEST['max_counter'] ?: '0');