/code/ajax.php
PHP | 123 lines | 83 code | 34 blank | 6 comment | 32 complexity | 3ce831e6a7cd1648ed0bae21c8d208f7 MD5 | raw file
Possible License(s): AGPL-3.0
- <?php
- require_once ('opentape_common.php');
- $json = new Services_JSON(SERVICES_JSON_LOOSE_TYPE);
-
- $command = $_POST['command'];
- $args = $json->decode(stripslashes($_POST['args']));
-
- header("Content-type: application/json; charset=UTF-8");
-
- // create_password is the exception, since you can't be logged in
- if (!is_logged_in() && strcmp($command, "create_password") ) {
- echo '{"status":false,"command":"' . $command . '","debug":"You must authenticate."}';
- exit;
- }
- //error_log ("$command - " . print_r($args,1));
-
- if (isset($args['password1']) && !strcmp($args['password1'], $args['password2']) && !strcmp($command,"create_password")) {
-
- // don't allow people to set password using this method once the file exists
- if(is_password_set()) { echo '{"status":false,"command":"' . $command . '","debug":"The password is already configured, login to change it."}'; }
- if (set_password($args['password1'])) {
- // proceed to next step, nothing here really...
- } else {
- echo '{"status":false,"command":"' . $command . '","debug":""}';
- exit;
- }
-
- if (create_session()) {
- echo '{"status":true,"command":"create_password","debug":""}';
- } else {
- echo '{"status":false,"command":"' . $command . '","debug":""}';
- }
-
- } elseif (isset($args['password1']) && !strcmp($args['password1'], $args['password2']) && !strcmp($command,"change_password")) {
- if (set_password($args['password1'])) {
- echo '{"status":true,"command":"' . $command . '","debug":""}';
- } else {
- echo '{"status":false,"command":"' . $command . '","debug":""}';
- }
-
- } elseif (!strcmp($command, "rename")) {
-
- if(get_magic_quotes_gpc()) {
- $_POST['artist'] = stripslashes($_POST['artist']);
- $_POST['title'] = stripslashes($_POST['title']);
- }
-
- if (rename_song($args['song_key'], $_POST['artist'], $_POST['title'])) {
- echo '{"status":true,"command":"' . $command . '","debug":"","args":{"song_key":"' . $args['song_key'] . '","artist":"' . escape_for_json($_POST['artist']) . '","title":"' . escape_for_json($_POST['title']) .'"}}';
- } else {
- echo '{"status":false,"command":"' . $command . '","debug":""}';
- }
- } elseif (!strcmp($command, "reorder")) {
-
- if (reorder_songs($args)) {
- echo '{"status":true,"command":"' . $command . '","debug":""}';
- } else {
- echo '{"status":false,"command":"' . $command . '","debug":""}';
- }
- } elseif (!strcmp($command, "delete")) {
-
- if (delete_song($_POST['args'])) {
- echo '{"status":true,"command":"' . $command . '","debug":"","args":"' . $_POST['args'] . '"}';
- } else {
- echo '{"status":false,"command":"' . $command . '","debug":""}';
- }
-
- } elseif (!strcmp($command, "bannercaptioncolor")) {
-
- $prefs_struct = get_opentape_prefs();
-
- if(get_magic_quotes_gpc()) {
- $_POST['banner'] = stripslashes($_POST['banner']);
- $_POST['caption'] = stripslashes($_POST['caption']);
- $_POST['color'] = stripslashes($_POST['color']);
- }
-
- $prefs_struct['banner'] = $_POST['banner'];
- $prefs_struct['caption'] = $_POST['caption'];
- $prefs_struct['color'] = $_POST['color'];
-
- if (write_opentape_prefs($prefs_struct)) {
- echo '{"status":true,"command":"' . $command . '","debug":""}';
- } else {
- echo '{"status":false,"command":"' . $command . '","debug":""}';
- }
-
- } elseif (!strcmp($command, "set_option")) {
-
- $prefs_struct = get_opentape_prefs();
- // maybe should check if the key is a valid data item type, to prevent
- // some kind of sizing attack... though checking for login does well.
- foreach ($args as $key => $data) {
-
- if (!strcmp($data,"on") || !strcmp($data,"true") || $data===true || $data==1 ) {
- $prefs_struct[$key] = 1;
- } else {
- $prefs_struct[$key] = 0;
- }
-
- }
-
- if (write_opentape_prefs($prefs_struct)) {
- echo '{"status":true,"command":"' . $command . '","debug":""}';
- } else {
- echo '{"status":false,"command":"' . $command . '","debug":""}';
- }
-
- } else {
-
- echo '{"status":false,"command":"' . $command . '","debug":""}';
-
- }
- ?>