author | Karl 'vollmerk' Vollmer <vollmer@ampache.org> | 2008-11-15 06:41:41 +0000 |
---|---|---|
committer | Karl 'vollmerk' Vollmer <vollmer@ampache.org> | 2008-11-15 06:41:41 +0000 |
commit | 2562b5a00bc96694ba6f25bc8aa6064521d2b8b5 (patch) | |
tree | ddc9e062bb85c9d4698693d249db90ea8eec390d | |
parent | d1f96470900c74bdb4c9101f309f10697a3e6aa3 (diff) | |
add in require_localnet_session configuration
-rw-r--r-- | config/ampache.cfg.php.dist | 7 | ||||
-rwxr-xr-x | docs/CHANGELOG | 2 | ||||
-rw-r--r-- | lib/class/access.class.php | 4 | ||||
-rw-r--r-- | lib/class/api.class.php | 2 | ||||
-rw-r--r-- | lib/class/catalog.class.php | 20 | ||||
-rw-r--r-- | play/index.php | 6 |
6 files changed, 37 insertions, 4 deletions
diff --git a/config/ampache.cfg.php.dist b/config/ampache.cfg.php.dist
index 3fa1be12..5392eb86 100644
--- a/config/ampache.cfg.php.dist
+++ b/config/ampache.cfg.php.dist
@@ -114,6 +114,13 @@ catalog_prefix_pattern = "The|An|A|Die|Das|Ein|Eine|Les|Le|La"
 ; DEFAULT: true
 require_session = "true"
+; Require LocalNet Session
+; If this is set to true then ampache will require that a valid session
+; is passed even on hosts defined in the Local Network ACL. This setting
+; has no effect if access_control is not enabled
+; DEFAULT: true
+require_localnet_session = "true"
+
 ; Multiple Logins
 ; Added by Vlet 07/25/07
 ; When this setting is enabled a user may only be logged in from a single
diff --git a/docs/CHANGELOG b/docs/CHANGELOG
index 9d20ffbf..c27a4719 100755
--- a/docs/CHANGELOG
+++ b/docs/CHANGELOG
@@ -4,6 +4,8 @@ -------------------------------------------------------------------------- v.3.5-Alpha1 + - Added require_localnet_session config that allows you to exclude + IP(s) from session checks, see config.dist - Added Nusoap (http://sourceforge.net/projects/nusoap/) library for use with future lyrics feature - Fixed problem with flash player where random urls were not being
diff --git a/lib/class/access.class.php b/lib/class/access.class.php
index 113735ae..388367f7 100644
--- a/lib/class/access.class.php
+++ b/lib/class/access.class.php
@@ -165,7 +165,7 @@ class Access {
 * and then returns true or false if they have access to this
 * the IP is passed as a dotted quad
 */
- public static function check_network($type,$ip,$user,$level,$key='') {
+ public static function check_network($type,$ip='',$user,$level,$key='') {
 // They aren't using access control
 // lets just keep on trucking
@@ -174,7 +174,7 @@ class Access {
 }
 // Clean incomming variables
- $ip = sprintf("%u",ip2long($ip));
+ $ip = $ip ? sprintf("%u",ip2long($ip)) : sprintf("%u",ip2long($_SERVER['REMOTE_ADDR']));
 $user = Dba::escape($user);
 $key = Dba::escape($key);
 $level = Dba::escape($level);
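Review bot: The added comment for `require_localnet_session` in config/ampache.cfg.php.dist names only access_control as a precondition, but in play/index.php the new check sits inside `if (Config::get('require_session'))`, so the option also does nothing unless require_session is on. The comment should also state what `false` means for an operator: hosts matching the Local Network ACL may stream without a session, identified only by their source address. Suggested addition: `; Only consulted when require_session is true. Setting this to false lets ACL-listed hosts stream without a session, based solely on their IP address.`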
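Review bot: In the new `check_network` signature (first lib/class/access.class.php hunk), `$ip=''` is followed by the required `$user` and `$level`, so the default can never be used by leaving the argument out, and PHP 8.0+ reports a deprecation for an optional parameter declared before required ones. Since the body already falls back to REMOTE_ADDR on an empty value, keeping `$ip` required and adding a docblock line such as `* an empty $ip means "use the client's REMOTE_ADDR"` would be clearer. The docblock and the function body extend beyond this hunk.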
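Review bot: The rewritten `$ip` line (second lib/class/access.class.php hunk) still passes `ip2long()` straight into `sprintf("%u", …)`, and `ip2long()` returns false for anything that is not a dotted-quad IPv4 address (an IPv6 REMOTE_ADDR, for example), which formats as `0`. This commit lets the result decide whether a session check is skipped in play/index.php, so an unparsable address should fail closed rather than be looked up as address 0: `$long = ip2long($ip ? $ip : $_SERVER['REMOTE_ADDR']);`, then `if ($long === false) { return false; }`, then `$ip = sprintf("%u",$long);`. How the ACL query treats 0 is outside the hunk, so the actual impact depends on the configured ranges.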
diff --git a/lib/class/api.class.php b/lib/class/api.class.php
index af44c6b5..9e1f8f46 100644
--- a/lib/class/api.class.php
+++ b/lib/class/api.class.php
@@ -73,7 +73,7 @@ class Api {
 $ip = sprintf("%u",ip2long($ip));
 // Log this attempt
- debug_event('API','Login Attempt, IP:' . long2ip($ip) . ' Time:' . $timestamp . ' User:' . $user_id . ' Auth:' . $passphrase,'1');
+ debug_event('API','Login Attempt, IP:' . long2ip($ip) . ' Time:' . $timestamp . ' User:' . $username . '(' . $user_id . ') Auth:' . $passphrase,'1');
 // Run the query and return the passphrases as we'll have to mangle them
 // to figure out if they match what we've got
diff --git a/lib/class/catalog.class.php b/lib/class/catalog.class.php
index 4929bb1e..74c65def 100644
--- a/lib/class/catalog.class.php
+++ b/lib/class/catalog.class.php
@@ -112,7 +112,27 @@ class Catalog {
 */
 public static function get_from_path($path) {
+ // First pull a list of all of the paths for the different catalogs
+ $sql = "SELECT `id`,`path` FROM `catalog` WHERE `type`='local'";
+ $db_results = Dba::read($sql);
+
+ $catalog_paths = array();
+ $componet_path = $path;
+
+ while ($row = Dba::fetch_assoc($db_results)) {
+ $catalog_paths[$row['path']] = $row['id'];
+ }
+ // Break it down into its component parts and start looking for a catalog
+ do {
+ if ($catalog_paths[$component_path]) {
+ return $catalog_paths[$component_path];
+ }
+
+ $component_path = realpath($component_path . '../');
+ } while (strlen($component_path) > 1);
+
+ return false;
 } // get_from_path
diff --git a/play/index.php b/play/index.php
index 6c790f88..d8093980 100644
--- a/play/index.php
+++ b/play/index.php
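Review bot: The updated `debug_event` call in lib/class/api.class.php still writes `$passphrase` to the log on every login attempt, and now appends `$username` unfiltered. Whatever the passphrase is derived from (not visible here), authentication material in a debug log widens the set of people and backups that hold it, and if the name comes from the request it can carry line breaks that forge log entries. I would drop the Auth field and strip control characters from the name: `debug_event('API','Login Attempt, IP:' . long2ip($ip) . ' Time:' . $timestamp . ' User:' . preg_replace('/[\x00-\x1f\x7f]/','',$username) . '(' . $user_id . ')','1');`. Where `$username` is assigned is outside the hunk, so confirm it is set before this line.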
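Review bot: `get_from_path` in lib/class/catalog.class.php never looks at `$path`: the copy is stored in `$componet_path` (typo) while the loop reads `$component_path`, which is unset on the first pass. With the typo fixed the walk-up step still fails, because `$component_path . '../'` has no separator before `..` (`/music/a` becomes `/music/a../`), so `realpath()` returns false unless such a directory happens to exist. Suggested lines: `$component_path = $path;`, `if (isset($catalog_paths[$component_path])) {`, and `$component_path = dirname($component_path);`. The guard `strlen($component_path) > 1` assumes a one-character root, so it is worth also stopping when `dirname()` returns its input unchanged. Matching also depends on catalog paths being stored without a trailing slash, which cannot be checked from this hunk.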
@@ -72,7 +72,11 @@ if (make_bool($GLOBALS['user']->disabled)) {
 // If require session is set then we need to make sure we're legit
 if (Config::get('require_session')) {
- if(!Stream::session_exists($sid)) {
+ if (!Config::get('require_localnet_session') AND Access::check_network('network',$_SERVER['REMOTE_ADDR'],$GLOBALS['user']->id,'5')) {
+ // Localnet defined IP and require localnot session has been turned off we let this one through
+ debug_event('LocalNet','Streaming Access Granted to Localnet defined IP ' . $_SERVER['REMOTE_ADDR'],'5');
+ }
+ elseif(!Stream::session_exists($sid)) {
 debug_event('session_expired',"Streaming Access Denied: " . $GLOBALS['user']->username . "'s session has expired",'3');
 die(_("Session Expired: please log in again at") . " " . Config::get('web_path') . "/login.php");
 }
 |
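Review bot: The new bypass branch in play/index.php can fail open when access control is disabled: the config comment says the option has no effect without access_control, but this condition never checks it, and `Access::check_network` has an early exit for that case (its return value is outside the visible hunks; if it returns true, every client skips the session check once require_localnet_session is false). Adding the guard here keeps the documented behaviour: `if (Config::get('access_control') AND !Config::get('require_localnet_session') AND Access::check_network('network',$_SERVER['REMOTE_ADDR'],$GLOBALS['user']->id,'5')) {`. The decision also rests entirely on REMOTE_ADDR, so behind a reverse proxy whose address falls inside the local-network ACL all requests would qualify; that deserves a line in the config comment. The comment inside the branch has a typo (`localnot`).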