yetangitu/ampache
1
0
Fork 0
mirror of https://github.com/Yetangitu/ampache synced 2025-10-06 03:49:56 +02:00
Code Issues Releases Wiki Activity

fixed xml-rpc now uses handshake method properly

Browse source
This commit is contained in:
Karl 'vollmerk' Vollmer 2007-12-23 23:13:38 +00:00
parent d3423e0e37
commit 4ea4de9def
5 changed files with 70 additions and 53 deletions
Download patch file Download diff file Expand all files Collapse all files

1
docs/CHANGELOG
View file

@ -4,6 +4,7 @@
--------------------------------------------------------------------------
v.3.4-Alpha4
- Fixed XML-RPC, now uses handshake method properly
- Fixed bug where stream would start even with no songs
- Upgraded to Prototype 1.6
- Added playlists and playlist_songs methods to API

71
lib/class/catalog.class.php
View file

@ -1274,40 +1274,57 @@ class Catalog {
else {
$client = new xmlrpc_client("/$path/server/xmlrpc.server.php", $server, 80);
}
/* encode the variables we need to send over */
$encoded_key = new xmlrpcval($this->key,"string");
$encoded_path = new xmlrpcval(Config::get('web_path'),"string");
$xmlrpc_message = new xmlrpcmsg('xmlrpcserver.get_catalogs', array($encoded_key,$encoded_path));
// 6 that's right, the secret level because if you do have debug on most likely you're
// going to just crash your browser... sorry folks
if (Config::get('debug') AND Config::get('debug_level') == '6') { $client->setDebug(1); }
$response = $client->send($xmlrpc_message,30);
$value = $response->value();
if ( !$response->faultCode() ) {
$data = php_xmlrpc_decode($value);
// Before we do anything else we need to do a handshake with the remote server
$timestamp = time();
$handshake_key = md5($timestamp . $this->key);
$encoded_key = new xmlrpcval($handshake_key,"string");
$timestamp = new xmlrpcval($timestamp,"int");
$xmlrpc_message = new xmlrpcmsg('xmlrpcserver.handshake',array($encoded_key,$timestamp));
// Send it off
$response = $client->send($xmlrpc_message,10);
if ($response->faultCode()) {
$error_msg = _("Error connecting to") . " " . $server . " " . _("Code") . ": " . $response->faultCode() . " " . _("Reason") . ": " . $response->faultString();
debug_event('XMLCLIENT',$error_msg,'1');
echo "<p class=\"error\">$error_msg</p>";
return;
}
// Print out the catalogs we are going to sync
foreach ($data as $vars) {
$catalog_name = $vars['name'];
$count = $vars['count'];
print("<b>Reading Remote Catalog: $catalog_name ($count Songs)</b> [$this->path]<br />\n");
$total += $count;
}
// Flush the output
flush();
$token = php_xmlrpc_decode($response->value());
/* encode the variables we need to send over */
$encoded_key = new xmlrpcval($token,"string");
$encoded_path = new xmlrpcval(Config::get('web_path'),"string");
$xmlrpc_message = new xmlrpcmsg('xmlrpcserver.get_catalogs', array($encoded_key,$encoded_path));
$response = $client->send($xmlrpc_message,30);
} // if we didn't get an error
else {
if ($response->faultCode() ) {
$error_msg = _("Error connecting to") . " " . $server . " " . _("Code") . ": " . $response->faultCode() . " " . _("Reason") . ": " . $response->faultString();
debug_event('XMLCLIENT',$error_msg,'1');
echo "<p class=\"error\">$error_msg</p>";
return;
}
}
$data = php_xmlrpc_decode($response->value());
// Print out the catalogs we are going to sync
foreach ($data as $vars) {
$catalog_name = $vars['name'];
$count = $vars['count'];
print("<b>Reading Remote Catalog: $catalog_name ($count Songs)</b> [$this->path]<br />\n");
$total += $count;
}
// Flush the output
flush();
// Hardcoded for now
$step = '500';
@ -1316,7 +1333,7 @@ class Catalog {
while ($total > $current) {
$start = $current;
$current += $step;
$this->get_remote_song($client,$start,$step);
$this->get_remote_song($client,$token,$start,$step);
}
echo "<p>" . _('Completed updating remote catalog(s)') . ".</p><hr />\n";
@ -1331,11 +1348,11 @@ class Catalog {
* This functions takes a start and end point for gathering songs from a remote server. It is broken up
* in attempt to get around the problem of very large target catalogs
*/
public function get_remote_song($client,$start,$end) {
public function get_remote_song($client,$token,$start,$end) {
$encoded_start = new xmlrpcval($start,"int");
$encoded_end = new xmlrpcval($end,"int");
$encoded_key = new xmlrpcval($this->key,"string");
$encoded_key = new xmlrpcval($token,"string");
$query_array = array($encoded_key,$encoded_start,$encoded_end);

15
lib/class/xmlrpcserver.class.php
View file

@ -41,7 +41,7 @@ class xmlRpcServer {
$key = $variable->scalarval();
// Check it and make sure we're super green
if (!Access::check_network('rpc',$_SERVER['REMOTE_ADDR'],'','5',$key)) {
if (!vauth::session_exists('xml-rpc',$key)) {
debug_event('XMLSERVER','Error ' . $_SERVER['REMOTE_ADDR'] . ' with key ' . $key . ' does not match any ACLs','1');
return new xmlrpcresp(0,'503','Key/IP Mis-match Access Denied');
}
@ -85,7 +85,7 @@ class xmlRpcServer {
$key = $variable->scalarval();
// Check it and make sure we're super green
if (!Access::check_network('rpc',$_SERVER['REMOTE_ADDR'],'','5',$key)) {
if (!vauth::session_exists('xml-rpc',$key)) {
debug_event('XMLSERVER','Error ' . $_SERVER['REMOTE_ADDR'] . ' with key ' . $key . ' does not match any ACLs','1');
return new xmlrpcresp(0,'503','Key/IP Mis-match Access Denied');
}
@ -134,12 +134,12 @@ class xmlRpcServer {
// Pull out the params
$encoded_key = $xmlrpc_object->params['0']->me['string'];
$timestamp = $xmlrpc_object->params['0']->me['int'];
$timestamp = $xmlrpc_object->params['1']->me['int'];
// Check the timestamp make sure it's recent
if ($timestamp < (time() - 14400)) {
debug_event('XMLSERVER','Handshake failure, timestamp too old','1');
return new xmlrpcresp(php_xmlrpc_encoded("Handshake failure"));
return new xmlrpcresp(0,'503','Handshaek failure, timestamp too old');
}
// Log the attempt
@ -158,11 +158,16 @@ class xmlRpcServer {
$md5pass = md5($timestamp . $row['key']);
if ($md5pass == $encoded_key) {
$token = '';
$data['type'] = 'xml-rpc';
$data['username'] = 'System';
$data['value'] = 'Handshake';
$token = vauth::session_create($data);
return new xmlrpcresp(php_xmlrpc_encode($token));
}
} // end while rows
return new xmlrpcresp(0,'503','Handshaek failure, Key/IP Incorrect');
} // handshake

35
modules/xmlrpc/xmlrpc.inc
View file

@ -1317,8 +1317,7 @@ $cp1252_to_xmlent =
if($this->debug > 1)
{
print "<PRE>\n---SENDING---\n" . htmlentities($op) . "\n---END---\n</PRE>";
// let the client see this now in case http times out...
debug_event('XMLRPC',"\n---SENDING---\n" . htmlentities($op) . "\n---END---\n</PRE>",'1','xmlrpc');
flush();
}
@ -1458,11 +1457,8 @@ $cp1252_to_xmlent =
$encoding_hdr = '';
}
if($this->debug > 1)
{
print "<PRE>\n---SENDING---\n" . htmlentities($payload) . "\n---END---\n</PRE>";
// let the client see this now in case http times out...
flush();
if($this->debug > 1) {
debug_event('XMLRPC',"\n---SENDING---\n" . htmlentities($payload) . "\n---END---\n</PRE>",'1','xmlrpc');
}
if(!$keepalive || !$this->xmlrpc_curl_handle)
@ -2338,18 +2334,17 @@ xmlrpc_encode_entitites($this->errstr, $GLOBALS['xmlrpc_internalencoding'], $cha
$data = substr($data, $bd);
if($this->debug && count($GLOBALS['_xh']['headers']))
{
print '<PRE>';
foreach($GLOBALS['_xh']['headers'] as $header => $value)
{
print htmlentities("HEADER: $header: $value\n");
// If we're debuging and we've got some headers
if($this->debug && count($GLOBALS['_xh']['headers'])) {
$debug_string = '';
foreach($GLOBALS['_xh']['headers'] as $header => $value) {
$debug_string .= "HEADER: $header: $value\n";
}
foreach($GLOBALS['_xh']['cookies'] as $header => $value)
{
print htmlentities("COOKIE: $header={$value['value']}\n");
foreach($GLOBALS['_xh']['cookies'] as $header => $value) {
$debug_string .= "COOKIE: $header={$value['value']}\n";
}
print "</PRE>\n";
debug_event('XMLRPC',"\n---SENDING---\n" . htmlentities($debug_string) . "\n---END---\n",'1','xmlrpc');
}
// if CURL was used for the call, http headers have been processed,
@ -2381,13 +2376,13 @@ xmlrpc_encode_entitites($this->errstr, $GLOBALS['xmlrpc_internalencoding'], $cha
{
$data = $degzdata;
if($this->debug)
print "<PRE>---INFLATED RESPONSE---[".strlen($data)." chars]---\n" . htmlentities($data) . "\n---END---</PRE>";
debug_event('XMLRPC',"\n---RESPONSE---\n" . $data . "\n---END---\n",'1','xmlrpc');
}
elseif($GLOBALS['_xh']['headers']['content-encoding'] == 'gzip' && $degzdata = @gzinflate(substr($data, 10)))
{
$data = $degzdata;
if($this->debug)
print "<PRE>---INFLATED RESPONSE---[".strlen($data)." chars]---\n" . htmlentities($data) . "\n---END---</PRE>";
debug_event('XMLRPC',"\n---RESPONSE---\n" . $data . "\n---END---\n",'1','xmlrpc');
}
else
{
@ -2425,7 +2420,7 @@ xmlrpc_encode_entitites($this->errstr, $GLOBALS['xmlrpc_internalencoding'], $cha
if($this->debug)
{
//by maHo, replaced htmlspecialchars with htmlentities
print "<PRE>---GOT---\n" . htmlentities($data) . "\n---END---\n</PRE>";
debug_event('XMLRPC',"\n---GOT---\n" . $data . "\n---END---\n",'1','xmlrpc');
}
if($data == '')

1
templates/show_get_albumart.inc.php
View file

@ -21,7 +21,6 @@
*/
?>
<?php show_box_top(_('Customize Search')); ?>
<?php print_r($_GET); ?>
<form enctype="multipart/form-data" name="coverart" method="post" action="<?php echo Config::get('web_path'); ?>/albums.php?action=find_art&amp;album_id=<?php echo $album->id; ?>&amp;artist_name=<?php echo urlencode($_REQUEST['artist_name']);?>&amp;album_name=<?php echo urlencode($_REQUEST['album_name']); ?>&amp;cover=<?php echo urlencode($_REQUEST['cover']); ?>" style="Display:inline;">
<table>
<tr>