Rewritten Guest Access
This commit is contained in:
Tobias Reich
parent
b246a9d1c2
commit
fbe7be18c1
@ -1,106 +0,0 @@
|
||||
<?php
|
||||
|
||||
/**
|
||||
* @name Guest Access (Public Mode)
|
||||
* @author Tobias Reich
|
||||
* @copyright 2014 by Tobias Reich
|
||||
*/
|
||||
|
||||
if (!defined('LYCHEE')) exit('Error: Direct access is not allowed!');
|
||||
if (!defined('LYCHEE_ACCESS_GUEST')) exit('Error: You are not allowed to access this area!');
|
||||
|
||||
switch ($_POST['function']) {
|
||||
|
||||
// Album Functions
|
||||
|
||||
case 'getAlbums': $album = new Album($database, $plugins, $settings, null);
|
||||
echo json_encode($album->getAll(true));
|
||||
break;
|
||||
|
||||
case 'getAlbum': Module::dependencies(isset($_POST['albumID'], $_POST['password']));
|
||||
$album = new Album($database, $plugins, $settings, $_POST['albumID']);
|
||||
if ($album->getPublic()) {
|
||||
// Album Public
|
||||
if ($album->checkPassword($_POST['password'])) echo json_encode($album->get());
|
||||
else echo 'Warning: Wrong password!';
|
||||
} else {
|
||||
// Album Private
|
||||
echo 'Warning: Album private!';
|
||||
}
|
||||
break;
|
||||
|
||||
case 'checkAlbumAccess':Module::dependencies(isset($_POST['albumID'], $_POST['password']));
|
||||
$album = new Album($database, $plugins, $settings, $_POST['albumID']);
|
||||
if ($album->getPublic()) {
|
||||
// Album Public
|
||||
if ($album->checkPassword($_POST['password'])) echo true;
|
||||
else echo false;
|
||||
} else {
|
||||
// Album Private
|
||||
echo false;
|
||||
}
|
||||
break;
|
||||
|
||||
// Photo Functions
|
||||
|
||||
case 'getPhoto': Module::dependencies(isset($_POST['photoID'], $_POST['albumID'], $_POST['password']));
|
||||
$photo = new Photo($database, $plugins, null, $_POST['photoID']);
|
||||
if ($photo->getPublic($_POST['password']))
|
||||
echo json_encode($photo->get($_POST['albumID']));
|
||||
else
|
||||
echo 'Warning: Wrong password!';
|
||||
break;
|
||||
|
||||
// Session Functions
|
||||
|
||||
case 'init': $session = new Session($plugins, $settings);
|
||||
echo json_encode($session->init($database, $dbName, true, $_POST['version']));
|
||||
break;
|
||||
|
||||
case 'login': Module::dependencies(isset($_POST['user'], $_POST['password']));
|
||||
$session = new Session($plugins, $settings);
|
||||
echo $session->login($_POST['user'], $_POST['password']);
|
||||
break;
|
||||
|
||||
// Miscellaneous
|
||||
|
||||
default: switch ($_GET['function']) {
|
||||
|
||||
case 'getAlbumArchive': Module::dependencies(isset($_GET['albumID'], $_GET['password']));
|
||||
$album = new Album($database, $plugins, $settings, $_GET['albumID']);
|
||||
|
||||
// Album Download
|
||||
if ($album->getPublic()) {
|
||||
// Album Public
|
||||
if ($album->checkPassword($_GET['password'])) $album->getArchive();
|
||||
else exit('Warning: Wrong password!');
|
||||
} else {
|
||||
// Album Private
|
||||
exit('Warning: Album private or not downloadable!');
|
||||
}
|
||||
|
||||
break;
|
||||
|
||||
case 'getPhotoArchive': Module::dependencies(isset($_GET['photoID'], $_GET['password']));
|
||||
$photo = new Photo($database, $plugins, null, $_GET['photoID']);
|
||||
|
||||
// Photo Download
|
||||
if ($photo->getPublic($_GET['password']))
|
||||
// Photo Public
|
||||
$photo->getArchive();
|
||||
else
|
||||
// Photo Private
|
||||
exit('Warning: Photo private or not downloadable!');
|
||||
|
||||
break;
|
||||
|
||||
default: exit('Error: Function not found! Please check the spelling of the called function.');
|
||||
break;
|
||||
|
||||
}
|
||||
|
||||
break;
|
||||
|
||||
}
|
||||
|
||||
?>
|
||||
167
php/access/guest_foo.php
Normal file
167
php/access/guest_foo.php
Normal file
@ -0,0 +1,167 @@
|
||||
<?php
|
||||
|
||||
###
|
||||
# @name Guest Access (Public Mode)
|
||||
# @author Tobias Reich
|
||||
# @copyright 2014 by Tobias Reich
|
||||
###
|
||||
|
||||
if (!defined('LYCHEE')) exit('Error: Direct access is not allowed!');
|
||||
if (!defined('LYCHEE_ACCESS_GUEST')) exit('Error: You are not allowed to access this area!');
|
||||
|
||||
class Guest extends Access {
|
||||
|
||||
public function check($fn) {
|
||||
|
||||
switch ($fn) {
|
||||
|
||||
# Album functions
|
||||
case 'getAlbums': $this->getAlbums(); break;
|
||||
case 'getAlbum': $this->getAlbum(); break;
|
||||
case 'checkAlbumAccess': $this->checkAlbumAccess(); break;
|
||||
|
||||
# Photo functions
|
||||
case 'getPhoto': $this->getPhoto(); break;
|
||||
|
||||
# Session functions
|
||||
case 'init': $this->init(); break;
|
||||
case 'login': $this->login(); break;
|
||||
|
||||
# $_GET functions
|
||||
case 'getAlbumArchive': $this->getAlbumArchive(); break;
|
||||
case 'getPhotoArchive': $this->getPhotoArchive(); break;
|
||||
|
||||
# Error
|
||||
default: exit('Error: Function not found! Please check the spelling of the called function.'); break;
|
||||
|
||||
}
|
||||
|
||||
return true;
|
||||
|
||||
}
|
||||
|
||||
# Album functions
|
||||
|
||||
private function getAlbums() {
|
||||
|
||||
$album = new Album($this->database, $this->plugins, $this->settings, null);
|
||||
echo json_encode($album->getAll(true));
|
||||
|
||||
}
|
||||
|
||||
private function getAlbum() {
|
||||
|
||||
Module::dependencies(isset($_POST['albumID'], $_POST['password']));
|
||||
$album = new Album($this->database, $this->plugins, $this->settings, $_POST['albumID']);
|
||||
|
||||
if ($album->getPublic()) {
|
||||
|
||||
# Album public
|
||||
if ($album->checkPassword($_POST['password'])) echo json_encode($album->get());
|
||||
else echo 'Warning: Wrong password!';
|
||||
|
||||
} else {
|
||||
|
||||
# Album private
|
||||
echo 'Warning: Album private!';
|
||||
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
private function checkAlbumAccess() {
|
||||
|
||||
Module::dependencies(isset($_POST['albumID'], $_POST['password']));
|
||||
$album = new Album($this->database, $this->plugins, $this->settings, $_POST['albumID']);
|
||||
|
||||
if ($album->getPublic()) {
|
||||
|
||||
# Album public
|
||||
if ($album->checkPassword($_POST['password'])) echo true;
|
||||
else echo false;
|
||||
|
||||
} else {
|
||||
|
||||
# Album private
|
||||
echo false;
|
||||
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
# Photo functions
|
||||
|
||||
private function getPhoto() {
|
||||
|
||||
Module::dependencies(isset($_POST['photoID'], $_POST['albumID'], $_POST['password']));
|
||||
$photo = new Photo($this->database, $this->plugins, null, $_POST['photoID']);
|
||||
|
||||
if ($photo->getPublic($_POST['password'])) echo json_encode($photo->get($_POST['albumID']));
|
||||
else echo 'Warning: Wrong password!';
|
||||
|
||||
}
|
||||
|
||||
# Session functions
|
||||
|
||||
private function init() {
|
||||
|
||||
global $dbName;
|
||||
|
||||
$session = new Session($this->plugins, $this->settings);
|
||||
echo json_encode($session->init($this->database, $dbName, true, $_POST['version']));
|
||||
|
||||
}
|
||||
|
||||
private function login() {
|
||||
|
||||
Module::dependencies(isset($_POST['user'], $_POST['password']));
|
||||
$session = new Session($this->plugins, $this->settings);
|
||||
echo $session->login($_POST['user'], $_POST['password']);
|
||||
|
||||
}
|
||||
|
||||
# $_GET functions
|
||||
|
||||
private function getAlbumArchive() {
|
||||
|
||||
Module::dependencies(isset($_GET['albumID'], $_GET['password']));
|
||||
$album = new Album($this->database, $this->plugins, $this->settings, $_GET['albumID']);
|
||||
|
||||
if ($album->getPublic()) {
|
||||
|
||||
# Album Public
|
||||
if ($album->checkPassword($_GET['password'])) $album->getArchive();
|
||||
else exit('Warning: Wrong password!');
|
||||
|
||||
} else {
|
||||
|
||||
# Album Private
|
||||
exit('Warning: Album private or not downloadable!');
|
||||
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
private function getPhotoArchive() {
|
||||
|
||||
Module::dependencies(isset($_GET['photoID'], $_GET['password']));
|
||||
$photo = new Photo($this->database, $this->plugins, null, $_GET['photoID']);
|
||||
|
||||
# Photo Download
|
||||
if ($photo->getPublic($_GET['password'])) {
|
||||
|
||||
# Photo Public
|
||||
$photo->getArchive();
|
||||
|
||||
} else {
|
||||
|
||||
# Photo Private
|
||||
exit('Warning: Photo private or not downloadable!');
|
||||
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
?>
|
||||
11
php/api.php
11
php/api.php
@ -62,8 +62,8 @@ if (!empty($_POST['function'])||!empty($_GET['function'])) {
|
||||
if (isset($_POST['photoID'])&&preg_match('/^[0-9]{14}$/', $_POST['photoID'])!==1) exit('Error: Wrong parameter type for photoID!');
|
||||
|
||||
# Fallback for switch statement
|
||||
if (!isset($_POST['function'])) $_POST['function'] = '';
|
||||
if (!isset($_GET['function'])) $_GET['function'] = '';
|
||||
if (isset($_POST['function'])) $fn = $_POST['function'];
|
||||
else $fn = $_GET['function'];
|
||||
|
||||
if (isset($_SESSION['login'])&&$_SESSION['login']==true) {
|
||||
|
||||
@ -75,7 +75,7 @@ if (!empty($_POST['function'])||!empty($_GET['function'])) {
|
||||
define('LYCHEE_ACCESS_ADMIN', true);
|
||||
|
||||
$admin = new Admin($database, $plugins, $settings);
|
||||
$admin->check($_POST['function']);
|
||||
$admin->check($fn);
|
||||
|
||||
} else {
|
||||
|
||||
@ -85,7 +85,10 @@ if (!empty($_POST['function'])||!empty($_GET['function'])) {
|
||||
###
|
||||
|
||||
define('LYCHEE_ACCESS_GUEST', true);
|
||||
require(__DIR__ . '/access/guest.php');
|
||||
require(__DIR__ . '/access/guest_foo.php');
|
||||
|
||||
$guest = new Guest($database, $plugins, $settings);
|
||||
$guest->check($fn);
|
||||
|
||||
}
|
||||
|
||||
|
||||
Loading…
Reference in New Issue
Block a user