some inital work on an api for amarok, tweaked stream class a bit, think theres still a bug with some playlist methods, also need to confirm problem with IE

2025-10-05 10:49:37 +02:00 · 2007-11-19 07:40:48 +00:00 · 2007-11-19 07:40:48 +00:00 · f4d94f034e
commit f4d94f034e
parent 9c15441ab4
6 changed files with 179 additions and 94 deletions
--- a/lib/class/access.class.php
+++ b/lib/class/access.class.php
@ -314,6 +314,33 @@ class Access {

 	} // get_type_name

+	/**
+	 * session_exists
+	 * This checks to see if the specified session of the specified type
+	 * exists, it also provides an array of key'd data that may be required
+	 * based on the type
+	 */
+	public static function session_exists($data,$key,$type) { 
+
+		// Switch on the type they pass
+		switch ($type) { 
+			case 'api': 
+
+			break; 
+			case 'stream': 
+		
+			break; 
+			case 'interface': 
+
+			break; 
+			default: 
+				return false; 
+			break; 
+		} // type
+
+
+	} // session_exists
+
 } //end of access class

 ?>
--- a/lib/class/api.class.php
+++ b/lib/class/api.class.php
@ -0,0 +1,68 @@
+<?php
+/*
+
+ Copyright (c) 2001 - 2007 Ampache.org
+ All rights reserved.
+
+ This program is free software; you can redistribute it and/or
+ modify it under the terms of the GNU General Public License v2
+ as published by the Free Software Foundation.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.
+
+*/
+
+/**
+ * API Class
+ * This handles functions relating to the API written for ampache, initially this is very focused
+ * on providing functionality for Amarok so it can integrate with Ampache
+ */
+class AmpacheApi { 
+
+	/**
+ 	 * constructor
+	 * This really isn't anything to do here, so it's private
+	 */
+	private function __construct() { 
+
+		// Rien a faire
+
+	} // constructor
+
+
+	/**
+	 * handshake
+	 * This is the function that handles the verifying a new handshake
+	 * this takes a timestamp, auth key, and client IP. Optionally it
+	 * can take a username, if non is passed the ACL must be non-use 
+	 * specific
+	 */
+	public static function handshake($timesamp,$passphrase,$ip,$username='') { 
+
+		// First we'll filter by username and IP 
+		$username = $username ? Dba::escape($username) : '-1'; 
+		$ip = ip2int($ip); 
+		
+		// Run the query and return the passphrases as we'll have to mangle them
+		// to figure out if they match what we've got
+		$sql = "SELECT * FROM `access_list` WHERE `user`='$username' AND `start` >= '$ip' AND `end` <= '$ip'"; 
+		$db_results = Dba::query($sql); 
+
+		while ($row = Dba::fetch_assoc($db_results)) { 
+
+			// Combine and MD5 this mofo
+			$md5pass = md5($timestamp . $row); 
+
+		} // end while
+
+	} // handhsake
+
+} // API class
+?>
--- a/lib/class/update.class.php
+++ b/lib/class/update.class.php
@ -238,6 +238,12 @@ class Update {
 				'- Change wording on Localplay preferences.<br />'; 
 		$version[] = array('version' => '340010','description'=>$update_string); 

+		$update_string = '- Adjusted Tables to new democratic play methods.<br />' . 
+				'- Added api session table, will eventually recombine.<br />'; 
+
+		//$version[] = array('version' => '340011','description'=>$update_string); 
+
+
 		return $version;

 	} // populate_version
@ -979,5 +985,28 @@ class Update {

 	} // update_340010

+	/**
+	 * update_340011
+	 * This updates the democratic play stuff so that can handle a little more complext mojo
+	 * It also adds yet another table to the db to handle the sessions for API access. Eventually
+	 * should combine all of the session tables, but I'll do that later
+	 */
+	public static function update_340011() { 
+
+		// First add the new table for the new session stuff
+                $sql = "CREATE TABLE `session_api` ( " .
+                        "`id` VARCHAR( 64 ) NOT NULL , " .
+                        "`user` INT( 11 ) UNSIGNED NOT NULL , " .
+                        "`agent` VARCHAR( 255 ) CHARACTER SET utf8 COLLATE utf8_unicode_ci NULL , " .
+			"`level` INT( 11 ) UNSIGNED NOT NULL DEFAULT '0', " . 
+                        "`expire` INT( 11 ) UNSIGNED NOT NULL , " .
+                        "`ip` INT( 11 ) UNSIGNED NULL , " .
+                        "PRIMARY KEY ( `id` ) " .
+                        ") ENGINE = MYISAM";
+                $db_results = Dba::query($sql);
+				
+
+	} // 340011
+
 } // end update class
 ?>
--- a/lib/class/xmldata.class.php
+++ b/lib/class/xmldata.class.php
@ -0,0 +1,44 @@
+<?php
+/*
+
+ Copyright 2001 - 2007 Ampache.org
+ All Rights Reserved
+
+ This program is free software; you can redistribute it and/or
+ modify it under the terms of the GNU General Public License
+ as published by the Free Software Foundation; version 2
+ of the License.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA. 
+
+*/
+
+/**
+ * xmlData
+ * This class takes care of all of the xml document stuff in Ampache these
+ * are all static calls 
+ */
+class xmlData { 
+
+	public static $version = '340001'; 
+
+	/**
+	 * constructor
+	 * We don't use this, as its really a static class
+	 */
+	private function __construct() { 
+
+		// Rien a faire
+
+	} // constructor
+
+} // xmlData
+
+?>
--- a/server/stream.ajax.php
+++ b/server/stream.ajax.php
@ -37,7 +37,7 @@ switch ($_REQUEST['action']) {
 	break;
 	case 'basket': 
 		// We need to set the basket up!
-		$_SESSION['iframe']['target'] = Config::get('web_path') . '/stream.php?action=basket'; 
+		$_SESSION['iframe']['target'] = Config::get('web_path') . '/stream.php?action=basket&playlist_method=' . scrub_out($_REQUEST['playlist_method']); 
 		$results['rfc3514'] = '<script type="text/javascript">reload_util()</script>'; 
 	break;
 	default: 
--- a/server/xml.server.php
+++ b/server/xml.server.php
@ -1,7 +1,7 @@
 <?php
 /*

- Copyright (c) 2001 - 2006 Ampache.org
+ Copyright (c) 2001 - 2007 Ampache.org
 All rights reserved.

 This program is free software; you can redistribute it and/or
@ -25,108 +25,25 @@
 */

 define('NO_SESSION','1');
-require_once('../lib/init.php');
+require_once '../lib/init.php';

 /** 
 * Verify the existance of the Session they passed in we do allow them to
 * login via this interface so we do have an exception for action=login
 */
-if (!session_exists($_REQUEST['sessid']) AND $_REQUEST['action'] !== 'login') { exit(); }
-
-$GLOBALS['user'] = new User($_REQUEST['user_id']);
-$action = scrub_in($_REQUEST['action']);
+if (!Access::session_exists(array(),$_REQUEST['auth'],'api') AND $_REQUEST['action'] != 'handshake') { 
+	debug_event('Access Denied','Invalid Session or unthorized access attempt to API','5'); 
+	exit(); 
+}

 /* Set the correct headers */
 header("Content-type: text/xml; charset=utf-8");

-switch ($action) { 
-	/* Returns an array of artist information */
-	case 'get_artists': 
-		$sql = "SELECT id FROM artist ORDER BY name";
-		$db_results = mysql_query($sql,dbh());

-		while ($r = mysql_fetch_assoc($db_results)) { 
-			$artist = new Artist($r['id']);
-			$artist->format_artist();
-			$results[] = array('id'=>$artist->id,'name'=>$artist->full_name);
-		} // end while results
-
-		$xml_doc = xml_from_array($results);
-		echo $xml_doc;
-	break;
-	case 'get_albums':
-		$sql = "SELECT id FROM album ORDER BY name";
-		$db_results = mysql_query($sql,dbh()); 
-
-		while ($r = mysql_fetch_assoc($db_results)) { 
-			$album = new Album($r['id']);
-			$results[] = array('id'=>$r['id'],'year'=>$album->year,'name'=>$album->name);
-		} // end while results
-
-		$xml_doc = xml_from_array($results);
-		echo $xml_doc;
-	break;
-	case 'get_genres':
-		$sql = "SELECT id FROM genre ORDER BY name";
-		$db_results = mysql_query($sql,dbh());
-	
-		while ($r = mysql_fetch_assoc($db_results)) { 
-			$genre = new Genre($r['id']); 
-			$results[] = array('id'=>$r['id'],'name'=>$genre->name);
-		}
-		
-		$xml_doc = xml_from_array($results);
-		echo $xml_doc;
-	break;
-	/* Return results of a quick search */
-	case 'search': 
-		/* We need search string */
-		$_REQUEST['s_all'] = $_REQUEST['search_string'];	
-		if (strlen($_REQUEST['s_all']) < 1) { break; } 
-		$data = run_search($_REQUEST);
-
-		/* Unfortuantly these are song objects, which are not good for
-		 * xml.. turn it into an array 
-		 */
-		foreach ($data as $song) { 
-			$genre 		= $song->get_genre_name();
-			$artist 	= $song->get_artist_name();
-			$album		= $song->get_album_name();
-			$results[] 	= array('id'=>$song->id,
-						'title'=>$song->title,
-						'genre'=>$genre,
-						'artist'=>$artist,
-						'album'=>$album);	
-		} // end foreach song	
-
-		$xml_doc = xml_from_array($results);
-		echo $xml_doc;
-
-	break;	
-	/* This takes a object_id/object_type and returns the correct PLAY url for it */
-	case 'play_url':
-		/* We need the type and id */
-		$object_type 	= scrub_in($_REQUEST['object_type']); 
-		$object_id	= scrub_in($_REQUEST['object_id']);
-
-		switch ($object_type) { 
-			case 'song':
-				$song = new Song($object_id);
-				$url = $song->get_url($_REQUEST['sessid']); 
-				$results[] = $url;
-			break;
-			default: 
-				// Rien a faire
-			break;
-		} // end switch on object_type
-
-		$xml_doc = xml_from_array($results);
-		echo $xml_doc; 
-
-	break;
-	/* This allows you to login via the xml mojo */
-	case 'login':
+switch ($_REQUEST['action']) { 
+	case 'handshake': 

+		// Send the data we were sent to the API class so it can be chewed on 

 	break; 
 	default: