implement xml error codes rather then relying on string parsing

author: Karl 'vollmerk' Vollmer <vollmer@ampache.org> 2008-03-20 07:52:51 +0000
committer: Karl 'vollmerk' Vollmer <vollmer@ampache.org> 2008-03-20 07:52:51 +0000
commit: 06652fe0406b45732ad80a3ab08c7d97bae4b47c (patch)
tree: a05098b28648f998bf32cbc286124916c6949d2a /server
parent: 17244cee94c89c4dcdc7fc58001790165ca2d7f1 (diff)
download: ampache-06652fe0406b45732ad80a3ab08c7d97bae4b47c.tar.gz
ampache-06652fe0406b45732ad80a3ab08c7d97bae4b47c.tar.bz2
ampache-06652fe0406b45732ad80a3ab08c7d97bae4b47c.zip
1 files changed, 10 insertions, 12 deletions
diff --git a/server/xml.server.php b/server/xml.server.php
index aeae5798..5bb3ead3 100644
--- a/server/xml.server.php
+++ b/server/xml.server.php
@@ -39,7 +39,7 @@ header("Content-Disposition: attachment; filename=information.xml");
 // If we don't even have access control on then we can't use this!
 if (!Config::get('access_control')) { 
 	ob_end_clean(); 
-	echo xmlData::error('Access Control not Enabled');
+	echo xmlData::error('501','Access Control not Enabled');
 	exit; 
 }  
 
@@ -47,19 +47,17 @@ if (!Config::get('access_control')) {
  * Verify the existance of the Session they passed in we do allow them to
  * login via this interface so we do have an exception for action=login
  */
-
-if ((!vauth::session_exists('api', $_REQUEST['auth']) AND $_REQUEST['action'] != 'handshake')) { 
-	debug_event('Access Denied','Invalid Session attempt to API [' . $_REQUEST['action'] . ']','5'); 
+if (!Access::check_network('init-api',$_SERVER['REMOTE_ADDR'],$_REQUEST['user'],'5')) { 
+	debug_event('Access Denied','Unathorized access attempt to API [' . $_SERVER['REMOTE_ADDR'] . ']', '5');
 	ob_end_clean(); 
-	echo xmlData::error('Session Expired');
+        echo xmlData::error('403','ACL Error');
 	exit(); 
-} 
-
+}
 
-if (!Access::check_network('init-api',$_SERVER['REMOTE_ADDR'],$_REQUEST['user'],'5')) { 
-	debug_event('Access Denied','Unathorized access attempt to API [' . $_SERVER['REMOTE_ADDR'] . ']', '5');
+if ((!vauth::session_exists('api', $_REQUEST['auth']) AND $_REQUEST['action'] != 'handshake')) { 
+	debug_event('Access Denied','Invalid Session attempt to API [' . $_REQUEST['action'] . ']','5'); 
 	ob_end_clean(); 
-        echo xmlData::error('ACL Error');
+	echo xmlData::error('401','Session Expired');
 	exit(); 
 }
 
@@ -77,7 +75,7 @@ switch ($_REQUEST['action']) {
 		
 		if (!$token) { 
 			ob_end_clean(); 
-			echo xmlData::error('Error Invalid Handshake, attempt logged'); 
+			echo xmlData::error('401','Error Invalid Handshake, attempt logged'); 
 		} 
 		else { 
 			ob_end_clean(); 
@@ -273,7 +271,7 @@ switch ($_REQUEST['action']) {
 	break; 
 	default:
                 ob_end_clean();
-                echo xmlData::error('Invalid Request');
+                echo xmlData::error('405','Invalid Request');
 	break;
 } // end switch action
 ?>
author	Karl 'vollmerk' Vollmer <vollmer@ampache.org>	2008-03-20 07:52:51 +0000
committer	Karl 'vollmerk' Vollmer <vollmer@ampache.org>	2008-03-20 07:52:51 +0000
commit	06652fe0406b45732ad80a3ab08c7d97bae4b47c (patch)
tree	a05098b28648f998bf32cbc286124916c6949d2a /server
parent	17244cee94c89c4dcdc7fc58001790165ca2d7f1 (diff)
download	ampache-06652fe0406b45732ad80a3ab08c7d97bae4b47c.tar.gz ampache-06652fe0406b45732ad80a3ab08c7d97bae4b47c.tar.bz2 ampache-06652fe0406b45732ad80a3ab08c7d97bae4b47c.zip