diff options
| author | Karl 'vollmerk' Vollmer <vollmer@ampache.org> | 2007-12-18 05:31:54 +0000 |
|---|---|---|
| committer | Karl 'vollmerk' Vollmer <vollmer@ampache.org> | 2007-12-18 05:31:54 +0000 |
| commit | 698f05d14f880eb4ec7866ec3a8416ee4d1f838f (patch) | |
| tree | afcfb18b11f13c1ba429612a94432fa0a64aa12c /server/xmlrpc.server.php | |
| parent | 74201cb6158db6448ebf5d8330ace6ad4a139693 (diff) | |
| download | ampache-698f05d14f880eb4ec7866ec3a8416ee4d1f838f.tar.gz ampache-698f05d14f880eb4ec7866ec3a8416ee4d1f838f.tar.bz2 ampache-698f05d14f880eb4ec7866ec3a8416ee4d1f838f.zip | |
fixed XML-RPC mostly, uses insecure/old authentication method, needs more work
Diffstat (limited to 'server/xmlrpc.server.php')
| -rw-r--r-- | server/xmlrpc.server.php | 50 |
1 files changed, 27 insertions, 23 deletions
diff --git a/server/xmlrpc.server.php b/server/xmlrpc.server.php index 5487ddec..ab6d9e3c 100644 --- a/server/xmlrpc.server.php +++ b/server/xmlrpc.server.php @@ -1,7 +1,7 @@ <?php /* - Copyright 2001 - 2006 Ampache.org + Copyright 2001 - 2007 Ampache.org All Rights Reserved This program is free software; you can redistribute it and/or @@ -22,32 +22,36 @@ define('NO_SESSION','1'); require_once('../lib/init.php'); -if (conf('xml_rpc')) { - require_once(conf('prefix') . "/modules/xmlrpc/xmlrpcs.inc"); - require_once(conf('prefix') . "/modules/xmlrpc/xmlrpc.inc"); -} -else { exit(); } +/* Set the correct headers */ +header("Content-type: text/xml; charset=" . Config::get('site_charset')); +header("Content-Disposition: attachment; filename=xmlrpc-server.xml"); -/* Setup the vars we are going to need */ -$access = new Access(); +if (Config::get('xml_rpc')) { + require_once Config::get('prefix') . "/modules/xmlrpc/xmlrpcs.inc"; + require_once Config::get('prefix') . "/modules/xmlrpc/xmlrpc.inc"; +} +else { + debug_event('DENIED','Attempted to Access XMLRPC server with xml_rpc disabled','1'); + exit(); +} // ** check that the remote server has access to this catalog -if ($access->check('init-xml-rpc',$_SERVER['REMOTE_ADDR'],'','5','')) { +if (Access::check_network('init-rpc',$_SERVER['REMOTE_ADDR'],'','5','')) { - /* Setup Possible Actions */ - $methods['remote_catalog_query'] = array('function' => 'remote_catalog_query'); - $methods['remote_song_query'] = array('function' => 'remote_song_query'); - $methods['remote_session_verify'] = array('function' => 'remote_session_verify'); + // Define an array of classes we need to pull from for the + $classes = array('xmlRpcServer'); - $s = new xmlrpc_server($methods); -} -else { - // Access Denied... Sucka!! - $methods['remote_catalog_query'] = array('function' => 'remote_server_denied'); - $methods['remote_song_query'] = array('function' => 'remote_server_denied'); - $methods['remote_session_verify'] = array('function' => 'remote_server_denied'); - - $s = new xmlrpc_server($methods); -} + foreach ($classes as $class) { + $methods = get_class_methods($class); + + foreach ($methods as $method) { + $name = strtolower($class) . '.' . strtolower($method); + $functions[$name] = array('function'=>$class . '::' . $method); + } + + } // end foreach of classes + + $server = new xmlrpc_server($functions); +} // test for ACL ?> |