diff options
Diffstat (limited to 'lib/class/xmlrpcserver.class.php')
| -rw-r--r-- | lib/class/xmlrpcserver.class.php | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/lib/class/xmlrpcserver.class.php b/lib/class/xmlrpcserver.class.php index 91fb78ec..06c6effd 100644 --- a/lib/class/xmlrpcserver.class.php +++ b/lib/class/xmlrpcserver.class.php @@ -196,6 +196,16 @@ class xmlRpcServer { */ public static function check_song($xmlrpc_object) { + // Pull out the key + $variable = $xmlrpc_object->getParam(1); + $key = $variable->scalarval(); + + // Check it and make sure we're super green + if (!vauth::session_exists('xml-rpc',$key)) { + debug_event('XMLSERVER','Error ' . $_SERVER['REMOTE_ADDR'] . ' with key ' . $key . ' does not match any ACLs','1'); + return new XML_RPC_Response(0,'503','Key/IP Mis-match Access Denied'); + } + $var = $xmlrpc_object->params['0']->me['int']; $sql = "SELECT `song`.`id` FROM `song` WHERE `id`='" . Dba::escape($var) ."'"; $db_results = Dba::read($sql); |