id) {
$object->format();
require_once AmpConfig::get('prefix') . '/templates/show_add_share.inc.php';
}
}
UI::show_footer();
exit;
case 'create':
if (AmpConfig::get('demo_mode')) {
UI::access_denied();
exit;
}
if (!Core::form_verify('add_share','post')) {
UI::access_denied();
exit;
}
UI::show_header();
$id = Share::create_share($_REQUEST['type'], $_REQUEST['id'], $_REQUEST['allow_stream'], $_REQUEST['allow_download'], $_REQUEST['expire'], $_REQUEST['secret'], $_REQUEST['max_counter']);
if (!$id) {
require_once AmpConfig::get('prefix') . '/templates/show_add_share.inc.php';
} else {
$share = new Share($id);
$body = T_('Share created.') . '
' .
T_('You can now start sharing the following url:') . '
' .
'' . $share->public_url . '
' .
'' .
'' .
'
' .
T_('You can also embed this share as a web player into your website, with the following html code:') . '
' .
'' . htmlentities('') . '
';
$title = T_('Object Shared');
show_confirmation($title, $body, AmpConfig::get('web_path') . '/stats.php?action=share');
}
UI::show_footer();
exit;
case 'show_delete':
UI::show_header();
$id = $_REQUEST['id'];
$next_url = AmpConfig::get('web_path') . '/share.php?action=delete&id=' . scrub_out($id);
show_confirmation(T_('Share Delete'), T_('Confirm Deletion Request'), $next_url, 1, 'delete_share');
UI::show_footer();
exit;
case 'delete':
if (AmpConfig::get('demo_mode')) {
UI::access_denied();
exit;
}
UI::show_header();
$id = $_REQUEST['id'];
if (Share::delete_share($id)) {
$next_url = AmpConfig::get('web_path') . '/stats.php?action=share';
show_confirmation(T_('Share Deleted'), T_('The Share has been deleted'), $next_url);
}
UI::show_footer();
exit;
case 'clean':
if (AmpConfig::get('demo_mode')) {
UI::access_denied();
exit;
}
UI::show_header();
Share::gc();
$next_url = AmpConfig::get('web_path') . '/stats.php?action=share';
show_confirmation(T_('Shared Objects cleaned'), T_('Expired shared objects have been cleaned.'), $next_url);
UI::show_footer();
exit;
case 'external_share':
if (AmpConfig::get('demo_mode')) {
UI::access_denied();
exit;
}
$plugin = new Plugin($_GET['plugin']);
if (!$plugin) {
UI::access_denied('Access Denied - Unkown external share plugin.');
exit;
}
$plugin->load($GLOBALS['user']);
$type = $_REQUEST['type'];
$id = $_REQUEST['id'];
$allow_download = (($type == 'song' && Access::check_function('download')) || Access::check_function('batch_download'));
$secret = Share::generate_secret();
$share_id = Share::create_share($type, $id, true, $allow_download, AmpConfig::get('share_expire'), $secret, 0);
$share = new Share($share_id);
$share->format(true);
header("Location: " . $plugin->_plugin->external_share($share->public_url, $share->f_name));
exit;
}
/**
* If Access Control is turned on then we don't
* even want them to be able to get to the login
* page if they aren't in the ACL
*/
if (AmpConfig::get('access_control')) {
if (!Access::check_network('interface', '', '5')) {
debug_event('UI::access_denied', 'Access Denied:' . $_SERVER['REMOTE_ADDR'] . ' is not in the Interface Access list', '3');
UI::access_denied();
exit();
}
} // access_control is enabled
$id = $_REQUEST['id'];
$secret = $_REQUEST['secret'];
$share = new Share($id);
if (empty($action) && $share->id) {
if ($share->allow_stream) {
$action = 'stream';
} elseif ($share->allow_download) {
$action = 'download';
}
}
if (!$share->is_valid($secret, $action)) {
UI::access_denied();
exit();
}
$share->format();
$share->save_access();
if ($action == 'download') {
if ($share->object_type == 'song' || $share->object_type == 'video') {
$_REQUEST['action'] = 'download';
$_REQUEST['type'] = $share->object_type;
$_REQUEST[$share->object_type . '_id'] = $share->object_id;
require AmpConfig::get('prefix') . '/stream.php';
} else {
$_REQUEST['action'] = $share->object_type;
$_REQUEST['id'] = $share->object_id;
require AmpConfig::get('prefix') . '/batch.php';
}
} elseif ($action == 'stream') {
require AmpConfig::get('prefix') . '/templates/show_share.inc.php';
} else {
debug_event('UI::access_denied', 'Access Denied: unknown action.', '3');
UI::access_denied();
exit();
}