Resolved differences merging 2.5.x into saas

Duncan Sommerville 2014-10-27 16:25:42 -04:00
commit 275ca5eed6
31 changed files with 832 additions and 326 deletions

LICENSE

@ -1,5 +1,5 @@
GNU GENERAL PUBLIC LICENSE
Version 3, 29 June 2007
GNU AFFERO GENERAL PUBLIC LICENSE
Version 3, 19 November 2007
Copyright (C) 2007 Free Software Foundation, Inc. <http://fsf.org/>
Everyone is permitted to copy and distribute verbatim copies
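Review bot: the commit message ("Resolved differences merging 2.5.x into saas") does not mention that this hunk, together with the remaining LICENSE hunks, switches the project from GPLv3 to AGPLv3, which adds the section 13 obligation to offer Corresponding Source to users who interact with a modified copy over a network. A relicensing should be its own commit and be called out explicitly in the commit message and release notes; if the merge merely carried it in from the saas branch, say so.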
@ -7,17 +7,15 @@
Preamble
The GNU General Public License is a free, copyleft license for
software and other kinds of works.
The GNU Affero General Public License is a free, copyleft license for
software and other kinds of works, specifically designed to ensure
cooperation with the community in the case of network server software.
The licenses for most software and other practical works are designed
to take away your freedom to share and change the works. By contrast,
the GNU General Public License is intended to guarantee your freedom to
our General Public Licenses are intended to guarantee your freedom to
share and change all versions of a program--to make sure it remains free
software for all its users. We, the Free Software Foundation, use the
GNU General Public License for most of our software; it applies also to
any other work released this way by its authors. You can apply it to
your programs, too.
software for all its users.
When we speak of free software, we are referring to freedom, not
price. Our General Public Licenses are designed to make sure that you
@ -26,44 +24,34 @@ them if you wish), that you receive source code or can get it if you
want it, that you can change the software or use pieces of it in new
free programs, and that you know you can do these things.
To protect your rights, we need to prevent others from denying you
these rights or asking you to surrender the rights. Therefore, you have
certain responsibilities if you distribute copies of the software, or if
you modify it: responsibilities to respect the freedom of others.
Developers that use our General Public Licenses protect your rights
with two steps: (1) assert copyright on the software, and (2) offer
you this License which gives you legal permission to copy, distribute
and/or modify the software.
For example, if you distribute copies of such a program, whether
gratis or for a fee, you must pass on to the recipients the same
freedoms that you received. You must make sure that they, too, receive
or can get the source code. And you must show them these terms so they
know their rights.
A secondary benefit of defending all users' freedom is that
improvements made in alternate versions of the program, if they
receive widespread use, become available for other developers to
incorporate. Many developers of free software are heartened and
encouraged by the resulting cooperation. However, in the case of
software used on network servers, this result may fail to come about.
The GNU General Public License permits making a modified version and
letting the public access it on a server without ever releasing its
source code to the public.
Developers that use the GNU GPL protect your rights with two steps:
(1) assert copyright on the software, and (2) offer you this License
giving you legal permission to copy, distribute and/or modify it.
The GNU Affero General Public License is designed specifically to
ensure that, in such cases, the modified source code becomes available
to the community. It requires the operator of a network server to
provide the source code of the modified version running there to the
users of that server. Therefore, public use of a modified version, on
a publicly accessible server, gives the public access to the source
code of the modified version.
For the developers' and authors' protection, the GPL clearly explains
that there is no warranty for this free software. For both users' and
authors' sake, the GPL requires that modified versions be marked as
changed, so that their problems will not be attributed erroneously to
authors of previous versions.
Some devices are designed to deny users access to install or run
modified versions of the software inside them, although the manufacturer
can do so. This is fundamentally incompatible with the aim of
protecting users' freedom to change the software. The systematic
pattern of such abuse occurs in the area of products for individuals to
use, which is precisely where it is most unacceptable. Therefore, we
have designed this version of the GPL to prohibit the practice for those
products. If such problems arise substantially in other domains, we
stand ready to extend this provision to those domains in future versions
of the GPL, as needed to protect the freedom of users.
Finally, every program is threatened constantly by software patents.
States should not allow patents to restrict development and use of
software on general-purpose computers, but in those that do, we wish to
avoid the special danger that patents applied to a free program could
make it effectively proprietary. To prevent this, the GPL assures that
patents cannot be used to render the program non-free.
An older license, called the Affero General Public License and
published by Affero, was designed to accomplish similar goals. This is
a different license, not a version of the Affero GPL, but Affero has
released a new version of the Affero GPL which permits relicensing under
this license.
The precise terms and conditions for copying, distribution and
modification follow.
@ -72,7 +60,7 @@ modification follow.
0. Definitions.
"This License" refers to version 3 of the GNU General Public License.
"This License" refers to version 3 of the GNU Affero General Public License.
"Copyright" also means copyright-like laws that apply to other kinds of
works, such as semiconductor masks.
@ -549,35 +537,45 @@ to collect a royalty for further conveying from those to whom you convey
the Program, the only way you could satisfy both those terms and this
License would be to refrain entirely from conveying the Program.
13. Use with the GNU Affero General Public License.
13. Remote Network Interaction; Use with the GNU General Public License.
Notwithstanding any other provision of this License, if you modify the
Program, your modified version must prominently offer all users
interacting with it remotely through a computer network (if your version
supports such interaction) an opportunity to receive the Corresponding
Source of your version by providing access to the Corresponding Source
from a network server at no charge, through some standard or customary
means of facilitating copying of software. This Corresponding Source
shall include the Corresponding Source for any work covered by version 3
of the GNU General Public License that is incorporated pursuant to the
following paragraph.
Notwithstanding any other provision of this License, you have
permission to link or combine any covered work with a work licensed
under version 3 of the GNU Affero General Public License into a single
under version 3 of the GNU General Public License into a single
combined work, and to convey the resulting work. The terms of this
License will continue to apply to the part which is the covered work,
but the special requirements of the GNU Affero General Public License,
section 13, concerning interaction through a network will apply to the
combination as such.
but the work with which it is combined will remain governed by version
3 of the GNU General Public License.
14. Revised Versions of this License.
The Free Software Foundation may publish revised and/or new versions of
the GNU General Public License from time to time. Such new versions will
be similar in spirit to the present version, but may differ in detail to
the GNU Affero General Public License from time to time. Such new versions
will be similar in spirit to the present version, but may differ in detail to
address new problems or concerns.
Each version is given a distinguishing version number. If the
Program specifies that a certain numbered version of the GNU General
Program specifies that a certain numbered version of the GNU Affero General
Public License "or any later version" applies to it, you have the
option of following the terms and conditions either of that numbered
version or of any later version published by the Free Software
Foundation. If the Program does not specify a version number of the
GNU General Public License, you may choose any version ever published
GNU Affero General Public License, you may choose any version ever published
by the Free Software Foundation.
If the Program specifies that a proxy can decide which future
versions of the GNU General Public License can be used, that proxy's
versions of the GNU Affero General Public License can be used, that proxy's
public statement of acceptance of a version permanently authorizes you
to choose that version for the Program.
@ -635,41 +633,29 @@ the "copyright" line and a pointer to where the full notice is found.
Copyright (C) <year> <name of author>
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
it under the terms of the GNU Affero General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
GNU Affero General Public License for more details.
You should have received a copy of the GNU General Public License
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
Also add information on how to contact you by electronic and paper mail.
If the program does terminal interaction, make it output a short
notice like this when it starts in an interactive mode:
<program> Copyright (C) <year> <name of author>
This program comes with ABSOLUTELY NO WARRANTY; for details type `show w'.
This is free software, and you are welcome to redistribute it
under certain conditions; type `show c' for details.
The hypothetical commands `show w' and `show c' should show the appropriate
parts of the General Public License. Of course, your program's commands
might be different; for a GUI interface, you would use an "about box".
If your software can interact with users remotely through a computer
network, you should also make sure that it provides a way for users to
get its source. For example, if your program is a web application, its
interface could display a "Source" link that leads users to an archive
of the code. There are many ways you could offer source, and different
solutions will be better for different programs; see section 13 for the
specific requirements.
You should also get your employer (if you work as a programmer) or school,
if any, to sign a "copyright disclaimer" for the program, if necessary.
For more information on this, and how to apply and follow the GNU GPL, see
For more information on this, and how to apply and follow the GNU AGPL, see
<http://www.gnu.org/licenses/>.
The GNU General Public License does not permit incorporating your program
into proprietary programs. If your program is a subroutine library, you
may consider it more useful to permit linking proprietary applications with
the library. If this is what you want to do, use the GNU Lesser General
Public License instead of this License. But first, please read
<http://www.gnu.org/philosophy/why-not-lgpl.html>.


@ -312,6 +312,86 @@ class Application_Common_DateHelper
}
}
/**
* Convert the columns given in the array $columnsToConvert in the
* database result $rows to local timezone.
*
* @param array $rows arrays of arrays containing database query result
* @param array $columnsToConvert array of column names to convert
* @param string $timezone convert to the given timezone.
* @param string $format time format to convert to
*/
public static function convertTimestampsToTimezone(&$rows, $columnsToConvert, $timezone, $format="Y-m-d H:i:s")
{
$timezone = strtolower($timezone);
// Check that the timezone is valid and rows is an array
if (!is_array($rows)) {
return;
}
foreach ($rows as &$row) {
if (is_array($row)) {
foreach ($columnsToConvert as $column) {
if (array_key_exists($column, $row)) {
$newTimezone = new DateTimeZone($timezone);
$utcTimezone = new DateTimeZone("UTC");
$d = new DateTime($row[$column], $utcTimezone);
$d->setTimezone($newTimezone);
$row[$column] = $d->format($format);
}
}
self::convertTimestampsToTimezone($row, $columnsToConvert, $timezone, $format);
}
}
}
/**
* Return the end date time in the given timezone
*
* @return DateTime
*/
public static function getEndDateTime($timezoneString, $days)
{
$timezone = new DateTimeZone($timezoneString);
$now = new DateTime("now", $timezone);
$now->add(new DateInterval("P".$days."D"));
$now->setTime(0, 0, 0);
return $now;
}
/**
* Return a formatted string representing the
* given datetime in the given timezone
*
* @param unknown $datetime the time to convert
* @param unknown $timezone the timezone to convert to
* @param string $format the formatted string
*/
public static function UTCStringToTimezoneString($datetime, $timezone, $format="Y-m-d H:i:s") {
$d = new DateTime($datetime, new DateTimeZone("UTC"));
$timezone = strtolower($timezone);
$newTimezone = new DateTimeZone($timezone);
$d->setTimezone($newTimezone);
return $d->format($format);
}
/**
* Return the timezone offset in seconds for the given timezone
*
* @param unknown $userDefinedTimezone the timezone used to determine the offset
*/
public static function getTimezoneOffset($userDefinedTimezone) {
$now = new DateTimeZone($userDefinedTimezone);
$d = new DateTime("now", $now);
return $d->format("Z");
}
/**
* This function is used for calculations! Don't modify for display purposes!
*
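Review bot: the comment "Check that the timezone is valid" in convertTimestampsToTimezone is not backed by any check; the only guard is is_array($rows), and `new DateTimeZone($timezone)` throws an Exception for an unknown name that nothing here catches. Either validate up front (construct the DateTimeZone once inside a try/catch and return the rows unchanged on failure) or drop the comment. The two DateTimeZone objects are also rebuilt for every column of every row; build them once before the loop and reuse them. getEndDateTime interpolates $days straight into "P".$days."D", so a non-integer value throws as well (DateInterval rejects "P1.5D"); cast to int there. Minor: the `@param unknown` annotations in UTCStringToTimezoneString and getTimezoneOffset should name the real type (string), and getTimezoneOffset's docblock lacks a @return; note that format("Z") yields a string, not an int.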


@ -80,4 +80,17 @@ class Application_Common_OsPath{
return $baseUrl;
}
public static function formatDirectoryWithDirectorySeparators($dir)
{
if ($dir[0] != "/") {
$dir = "/".$dir;
}
if ($dir[strlen($dir) -1] != "/") {
$dir = $dir."/";
}
return $dir;
}
}
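Review bot: formatDirectoryWithDirectorySeparators indexes $dir[0] and $dir[strlen($dir) - 1] without checking for an empty string, which raises an "Uninitialized string offset" notice when $dir is "" (stationMetadataAction later in this diff passes a config value that may be unset). Add `if ($dir === "") { return "/"; }` at the top, or use substr-based checks, so the function degrades to the web root instead of emitting notices into the JSON response.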


@ -5,7 +5,8 @@ class ApiController extends Zend_Controller_Action
public function init()
{
$ignoreAuth = array("live-info", "week-info");
$ignoreAuth = array("live-info", "live-info-v2", "week-info",
"station-metadata", "station-logo");
$params = $this->getRequest()->getParams();
if (!in_array($params['action'], $ignoreAuth)) {
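Review bot: the three actions added to $ignoreAuth (live-info-v2, station-metadata, station-logo) are reachable without an API key, so the only gate left for them is the GetAllow3rdPartyApi() check inside each action. The three new actions in this diff do carry that check; add a comment on $ignoreAuth stating that every entry is expected to perform its own authorization, so a future action added to the list without the check is caught in review.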
@ -246,70 +247,72 @@ class ApiController extends Zend_Controller_Action
$this->view->layout()->disableLayout();
$this->_helper->viewRenderer->setNoRender(true);
$request = $this->getRequest();
$utcTimeNow = gmdate("Y-m-d H:i:s");
$utcTimeEnd = ""; // if empty, getNextShows will use interval instead of end of day
$request = $this->getRequest();
// default to the station timezone
$timezone = Application_Model_Preference::GetDefaultTimezone();
$userDefinedTimezone = strtolower($request->getParam('timezone'));
$upcase = false; // only upcase the timezone abbreviations
$this->checkTimezone($userDefinedTimezone, $timezone, $upcase);
$type = $request->getParam('type');
/* This is some *extremely* lazy programming that needs to bi fixed. For some reason
* we are using two entirely different codepaths for very similar functionality (type = endofday
* vs type = interval). Needs to be fixed for 2.3 - MK */
if ($type == "endofday") {
$limit = $request->getParam('limit');
if ($limit == "" || !is_numeric($limit)) {
$limit = "5";
}
/* This is some *extremely* lazy programming that needs to be fixed. For some reason
* we are using two entirely different codepaths for very similar functionality (type = endofday
* vs type = interval). Needs to be fixed for 2.3 - MK */
if ($type == "endofday") {
// make getNextShows use end of day
$end = Application_Common_DateHelper::getTodayStationEndDateTime();
$end->setTimezone(new DateTimeZone("UTC"));
$utcTimeEnd = $end->format("Y-m-d H:i:s");
$result = array(
"env" => APPLICATION_ENV,
"schedulerTime" => $utcTimeNow,
"currentShow" => Application_Model_Show::getCurrentShow($utcTimeNow),
"nextShow" => Application_Model_Show::getNextShows($utcTimeNow, $limit, $utcTimeEnd)
);
}
else {
$result = Application_Model_Schedule::GetPlayOrderRange();
// XSS exploit prevention
$result["previous"]["name"] = htmlspecialchars($result["previous"]["name"]);
$result["current"]["name"] = htmlspecialchars($result["current"]["name"]);
$result["next"]["name"] = htmlspecialchars($result["next"]["name"]);
} else {
$result = Application_Model_Schedule::GetPlayOrderRangeOld($limit);
}
// XSS exploit prevention
foreach ($result["currentShow"] as &$current) {
$current["name"] = htmlspecialchars($current["name"]);
}
foreach ($result["nextShow"] as &$next) {
$next["name"] = htmlspecialchars($next["name"]);
}
$this->convertSpecialChars($result, array("name", "url"));
// apply user-defined timezone, or default to station
Application_Common_DateHelper::convertTimestampsToTimezone(
$result['currentShow'],
array("starts", "ends", "start_timestamp","end_timestamp"),
$timezone
);
Application_Common_DateHelper::convertTimestampsToTimezone(
$result['nextShow'],
array("starts", "ends", "start_timestamp","end_timestamp"),
$timezone
);
//For consistency, all times here are being sent in the station timezone, which
//seems to be what we've normalized everything to.
//Convert the UTC scheduler time ("now") to the user-defined timezone.
$result["schedulerTime"] = Application_Common_DateHelper::UTCStringToTimezoneString($result["schedulerTime"], $timezone);
$result["timezone"] = $upcase ? strtoupper($timezone) : $timezone;
$result["timezoneOffset"] = Application_Common_DateHelper::getTimezoneOffset($timezone);
//Convert the UTC scheduler time ("now") to the station timezone.
$result["schedulerTime"] = Application_Common_DateHelper::UTCStringToStationTimezoneString($result["schedulerTime"]);
$result["timezone"] = Application_Common_DateHelper::getStationTimezoneAbbreviation();
$result["timezoneOffset"] = Application_Common_DateHelper::getStationTimezoneOffset();
//Convert from UTC to station time for Web Browser.
Application_Common_DateHelper::convertTimestamps($result["currentShow"],
array("starts", "ends", "start_timestamp", "end_timestamp"),
"station");
Application_Common_DateHelper::convertTimestamps($result["nextShow"],
array("starts", "ends", "start_timestamp", "end_timestamp"),
"station");
//used by caller to determine if the airtime they are running or widgets in use is out of date.
// used by caller to determine if the airtime they are running or widgets in use is out of date.
$result['AIRTIME_API_VERSION'] = AIRTIME_API_VERSION;
header("Content-Type: application/json");
if (version_compare(phpversion(), '5.4.0', '<')) {
$js = json_encode($result);
} else {
$js = json_encode($result, JSON_PRETTY_PRINT);
}
// If a callback is not given, then just provide the raw JSON.
echo isset($_GET['callback']) ? $_GET['callback'].'('.json_encode($result).')' : json_encode($result);
echo isset($_GET['callback']) ? $_GET['callback'].'('.$js.')' : $js;
} else {
header('HTTP/1.0 401 Unauthorized');
print _('You are not allowed to access this resource. ');
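Review bot: in the interval branch $result comes from GetPlayOrderRangeOld and, as the removed escaping lines show, is keyed previous/current/next rather than currentShow/nextShow; the two convertTimestampsToTimezone calls take $result['currentShow'] and $result['nextShow'] by reference, so on that path they create null entries in the response and the previous/current/next timestamps are never converted to $timezone. Convert the keys that actually exist on each path. Also $limit is passed as the first argument of GetPlayOrderRangeOld; if that function keeps the ($p_prev = 1, $p_next = 1) signature this diff shows for the old GetPlayOrderRange, $limit becomes the number of previous items rather than a result limit. Separately, the raw $_GET['callback'] is still concatenated into the JSONP output unvalidated; restrict it to an identifier pattern such as /^[A-Za-z_$][A-Za-z0-9_$.]*$/ and send X-Content-Type-Options: nosniff.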
@ -317,6 +320,125 @@ class ApiController extends Zend_Controller_Action
}
}
/**
* Retrieve the currently playing show as well as upcoming shows.
* Number of shows returned and the time interval in which to
* get the next shows can be configured as GET parameters.
*
* Possible parameters:
* days - How many days to retrieve.
* Default is 2 (today + tomorrow).
* shows - How many shows to retrieve
* Default is 5.
* timezone - The timezone to send the times in
* Defaults to the station timezone
*/
public function liveInfoV2Action()
{
if (Application_Model_Preference::GetAllow3rdPartyApi()) {
// disable the view and the layout
$this->view->layout()->disableLayout();
$this->_helper->viewRenderer->setNoRender(true);
$request = $this->getRequest();
$utcTimeNow = gmdate("Y-m-d H:i:s");
$utcTimeEnd = ""; // if empty, getNextShows will use interval instead of end of day
// default to the station timezone
$timezone = Application_Model_Preference::GetDefaultTimezone();
$userDefinedTimezone = strtolower($request->getParam('timezone'));
$upcase = false; // only upcase the timezone abbreviations
$this->checkTimezone($userDefinedTimezone, $timezone, $upcase);
$daysToRetrieve = $request->getParam('days');
$showsToRetrieve = $request->getParam('shows');
if ($daysToRetrieve == "" || !is_numeric($daysToRetrieve)) {
$daysToRetrieve = "2";
}
if ($showsToRetrieve == "" || !is_numeric($showsToRetrieve)) {
$showsToRetrieve = "5";
}
// set the end time to the day's start n days from now.
// days=1 will return shows until the end of the current day,
// days=2 will return shows until the end of tomorrow, etc.
$end = Application_Common_DateHelper::getEndDateTime($timezone, $daysToRetrieve);
$end->setTimezone(new DateTimeZone("UTC"));
$utcTimeEnd = $end->format("Y-m-d H:i:s");
$result = Application_Model_Schedule::GetPlayOrderRange($utcTimeEnd, $showsToRetrieve);
// XSS exploit prevention
$this->convertSpecialChars($result, array("name", "url"));
// apply user-defined timezone, or default to station
$this->applyLiveTimezoneAdjustments($result, $timezone, $upcase);
// used by caller to determine if the airtime they are running or widgets in use is out of date.
$result["station"]["AIRTIME_API_VERSION"] = AIRTIME_API_VERSION;
header("Content-Type: application/json");
if (version_compare(phpversion(), '5.4.0', '<')) {
$js = json_encode($result);
} else {
$js = json_encode($result, JSON_PRETTY_PRINT);
}
// If a callback is not given, then just provide the raw JSON.
echo isset($_GET['callback']) ? $_GET['callback'].'('.$js.')' : $js;
} else {
header('HTTP/1.0 401 Unauthorized');
print _('You are not allowed to access this resource. ');
exit;
}
}
/**
* Check that the value for the timezone the user gave is valid.
* If it is, override the default (station) timezone.
* If it's an abbreviation (pst, edt) we upcase the output.
*
* @param string $userDefinedTimezone the requested timezone value
* @param string $timezone the default timezone
* @param boolean $upcase whether the timezone output should be upcased
*/
private function checkTimezone($userDefinedTimezone, &$timezone, &$upcase)
{
$delimiter = "/";
// if the user passes in a timezone in standard form ("Continent/City")
// we need to fix the downcased string by upcasing each word delimited by a /
if (strpos($userDefinedTimezone, $delimiter) !== false) {
$userDefinedTimezone = implode($delimiter, array_map('ucfirst', explode($delimiter, $userDefinedTimezone)));
}
// if the timezone defined by the user exists, use that
if (array_key_exists($userDefinedTimezone, timezone_abbreviations_list())) {
$timezone = $userDefinedTimezone;
$upcase = true;
} else if (in_array($userDefinedTimezone, timezone_identifiers_list())) {
$timezone = $userDefinedTimezone;
}
}
/**
* If the user passed in a timezone parameter, adjust timezone-dependent
* variables in the result to reflect the given timezone.
*
* @param object $result reference to the object to send back to the user
* @param string $timezone the user's timezone parameter value
* @param boolean $upcase whether the timezone output should be upcased
*/
private function applyLiveTimezoneAdjustments(&$result, $timezone, $upcase)
{
Application_Common_DateHelper::convertTimestampsToTimezone(
$result,
array("starts", "ends", "start_timestamp","end_timestamp"),
$timezone
);
//Convert the UTC scheduler time ("now") to the user-defined timezone.
$result["station"]["schedulerTime"] = Application_Common_DateHelper::UTCStringToTimezoneString($result["station"]["schedulerTime"], $timezone);
$result["station"]["timezone"] = $upcase ? strtoupper($timezone) : $timezone;
}
public function weekInfoAction()
{
if (Application_Model_Preference::GetAllow3rdPartyApi()) {
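Review bot: in liveInfoV2Action the is_numeric checks on days and shows accept "1.5", "1e3", "-2" and " 7"; getEndDateTime then builds "P".$days."D", which DateInterval rejects for a non-integer, turning a bad query parameter into an uncaught exception (HTTP 500). Cast both with (int), reject values below 1, and put an upper bound on days so a single request cannot pull the whole schedule. In checkTimezone, ucfirst on each "/"-separated segment does not restore identifiers containing underscores: "america/argentina/buenos_aires" becomes "America/Argentina/Buenos_aires", which in_array(..., timezone_identifiers_list()) rejects because the comparison is case-sensitive. Compare case-insensitively (lower-case the identifier list once) and assign the canonical identifier from that list to $timezone.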
@ -332,15 +454,22 @@ class ApiController extends Zend_Controller_Action
"nextthursday", "nextfriday", "nextsaturday", "nextsunday");
$result = array();
// default to the station timezone
$timezone = Application_Model_Preference::GetDefaultTimezone();
$userDefinedTimezone = strtolower($this->getRequest()->getParam("timezone"));
// if the timezone defined by the user exists, use that
if (array_key_exists($userDefinedTimezone, timezone_abbreviations_list())) {
$timezone = $userDefinedTimezone;
}
$utcTimezone = new DateTimeZone("UTC");
$stationTimezone = new DateTimeZone(Application_Model_Preference::GetDefaultTimezone());
$weekStartDateTime->setTimezone($utcTimezone);
$utcDayStart = $weekStartDateTime->format("Y-m-d H:i:s");
for ($i = 0; $i < 14; $i++) {
//have to be in station timezone when adding 1 day for daylight savings.
$weekStartDateTime->setTimezone($stationTimezone);
$weekStartDateTime->setTimezone(new DateTimeZone($timezone));
$weekStartDateTime->add(new DateInterval('P1D'));
//convert back to UTC to get the actual timestamp used for search.
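Review bot: weekInfoAction validates the user timezone only against timezone_abbreviations_list(), so a "Continent/City" identifier is silently ignored here while live-info accepts it; reuse checkTimezone() for consistency. The comment "have to be in station timezone when adding 1 day for daylight savings" is now contradicted by the code, which adds the day in the user-supplied zone: day boundaries, and therefore which shows land on which weekday, shift when the requested zone's DST transitions differ from the station's. Decide which behaviour is intended and update the comment to match.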
@ -350,28 +479,26 @@ class ApiController extends Zend_Controller_Action
$shows = Application_Model_Show::getNextShows($utcDayStart, "ALL", $utcDayEnd);
$utcDayStart = $utcDayEnd;
Application_Common_DateHelper::convertTimestamps(
// convert to user-defined timezone, or default to station
Application_Common_DateHelper::convertTimestampsToTimezone(
$shows,
array("starts", "ends", "start_timestamp","end_timestamp"),
"station"
$timezone
);
$result[$dow[$i]] = $shows;
}
// XSS exploit prevention
foreach ($dow as $d) {
foreach ($result[$d] as &$show) {
$show["name"] = htmlspecialchars($show["name"]);
$show["url"] = htmlspecialchars($show["url"]);
}
}
$this->convertSpecialChars($result, array("name", "url"));
//used by caller to determine if the airtime they are running or widgets in use is out of date.
$result['AIRTIME_API_VERSION'] = AIRTIME_API_VERSION;
header("Content-type: text/javascript");
$js = json_encode($result, JSON_PRETTY_PRINT);
// If a callback is not given, then just provide the raw JSON.
echo isset($_GET['callback']) ? $_GET['callback'].'('.json_encode($result).')' : json_encode($result);
echo isset($_GET['callback']) ? $_GET['callback'].'('.$js.')' : $js;
} else {
header('HTTP/1.0 401 Unauthorized');
print _('You are not allowed to access this resource. ');
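Review bot: json_encode($result, JSON_PRETTY_PRINT) is used unconditionally here while liveInfoAction in this same diff guards it with version_compare(phpversion(), '5.4.0', '<'); on PHP < 5.4 the constant is undefined, so this call emits a notice and passes the string "JSON_PRETTY_PRINT" as the options argument. Apply the same guard, or better, a shared helper that also handles the callback. The Content-type header is text/javascript even when no callback is given; use application/json for the plain-JSON case, as liveInfoAction does.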
@ -428,6 +555,94 @@ class ApiController extends Zend_Controller_Action
$this->_helper->json->sendJson(array("status"=>1, "message"=>""));
}
/**
* Go through a given array and sanitize any potentially exploitable fields
* by passing them through htmlspecialchars
*
* @param unknown $arr the array to sanitize
* @param unknown $keys indexes of values to be sanitized
*/
private function convertSpecialChars(&$arr, $keys)
{
foreach ($arr as &$a) {
if (is_array($a)) {
foreach ($keys as &$key) {
if (array_key_exists($key, $a)) {
$a[$key] = htmlspecialchars($a[$key]);
}
}
$this->convertSpecialChars($a, $keys);
}
}
}
/**
* API endpoint to provide station metadata
*/
public function stationMetadataAction()
{
if (Application_Model_Preference::GetAllow3rdPartyApi()) {
// disable the view and the layout
$this->view->layout()->disableLayout();
$this->_helper->viewRenderer->setNoRender(true);
$CC_CONFIG = Config::getConfig();
$baseDir = Application_Common_OsPath::formatDirectoryWithDirectorySeparators($CC_CONFIG['baseDir']);
$path = 'http://'.$_SERVER['HTTP_HOST'].$baseDir."api/station-logo";
$result["name"] = Application_Model_Preference::GetStationName();
$result["logo"] = $path;
$result["description"] = Application_Model_Preference::GetStationDescription();
$result["timezone"] = Application_Model_Preference::GetDefaultTimezone();
$result["locale"] = Application_Model_Preference::GetDefaultLocale();
// used by caller to determine if the airtime they are running or widgets in use is out of date.
$result['AIRTIME_API_VERSION'] = AIRTIME_API_VERSION;
header("Content-type: text/javascript");
$js = json_encode($result, JSON_PRETTY_PRINT);
// If a callback is not given, then just provide the raw JSON.
echo isset($_GET['callback']) ? $_GET['callback'].'('.$js.')' : $js;
} else {
header('HTTP/1.0 401 Unauthorized');
print _('You are not allowed to access this resource. ');
exit;
}
}
/**
* API endpoint to display the current station logo
*/
public function stationLogoAction()
{
if (Application_Model_Preference::GetAllow3rdPartyApi()) {
// disable the view and the layout
$this->view->layout()->disableLayout();
$this->_helper->viewRenderer->setNoRender(true);
$logo = Application_Model_Preference::GetStationLogo();
// if there's no logo, just die - redirects to a 404
if (!$logo || $logo === '') {
return;
}
// we're passing this as an image instead of using it in a data uri, so decode it
$blob = base64_decode($logo);
// use finfo to get the mimetype from the decoded blob
$f = finfo_open();
$mime_type = finfo_buffer($f, $blob, FILEINFO_MIME_TYPE);
finfo_close($f);
header("Content-type: " . $mime_type);
echo $blob;
} else {
header('HTTP/1.0 401 Unauthorized');
print _('You are not allowed to access this resource. ');
exit;
}
}
public function recordedShowsAction()
{
$utcTimezone = new DateTimeZone("UTC");
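Review bot: stationLogoAction serves a base64-decoded blob inline, on the application's origin, with whatever MIME type finfo sniffs from it, so any stored logo that is not a plain raster image (an SVG containing script, or HTML) would be rendered as such by the browser. Allow-list the types you expect (image/png, image/jpeg, image/gif), send X-Content-Type-Options: nosniff, and return a real 404 when there is no logo: the comment says "redirects to a 404", but a bare return after disabling the renderer produces an empty 200. In stationMetadataAction the logo URL is built from $_SERVER['HTTP_HOST'] with a hard-coded http:// scheme; the Host header is client-controlled and the scheme is wrong behind a TLS terminator, so derive the base URL from configuration (the Application_Common_OsPath hunk earlier in this diff ends a function that already returns $baseUrl). Minor: convertSpecialChars iterates $keys by reference for no reason; drop the &.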


@ -30,6 +30,33 @@ class PluploadController extends Zend_Controller_Action
if (Application_Model_Systemstatus::isDiskOverQuota()) {
$this->view->quotaLimitReached = true;
}
$csrf_namespace = new Zend_Session_Namespace('csrf_namespace');
$csrf_namespace->setExpirationSeconds(5*60*60);
$csrf_namespace->authtoken = sha1(uniqid(rand(),1));
$csrf_element = new Zend_Form_Element_Hidden('csrf');
$csrf_element->setValue($csrf_namespace->authtoken)->setRequired('true')->removeDecorator('HtmlTag')->removeDecorator('Label');
$csrf_form = new Zend_Form();
$csrf_form->addElement($csrf_element);
$this->view->form = $csrf_form;
}
public function uploadAction()
{
$current_namespace = new Zend_Session_Namespace('csrf_namespace');
$observed_csrf_token = $this->_getParam('csrf_token');
$expected_csrf_token = $current_namespace->authtoken;
if($observed_csrf_token == $expected_csrf_token){
$upload_dir = ini_get("upload_tmp_dir") . DIRECTORY_SEPARATOR . "plupload";
$tempFilePath = Application_Model_StoredFile::uploadFile($upload_dir);
$tempFileName = basename($tempFilePath);
$this->_helper->json->sendJson(array("jsonrpc" => "2.0", "tempfilepath" => $tempFileName));
}else{
$this->_helper->json->sendJson(array("jsonrpc" => "2.0", "valid" => false, "error" => "CSRF token did not match."));
}
}
public function recentUploadsAction()
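Review bot: the CSRF check in uploadAction uses a loose comparison (`==`) and does not require the expected token to exist: if the session namespace has no authtoken (the index action was never visited, or the five-hour expiry has passed) $expected_csrf_token is null, and a request with no csrf_token parameter makes null == null true, so the upload proceeds without any token. Require a non-empty string for the expected token and compare strictly and in constant time (hash_equals where available, otherwise ===). The token itself comes from sha1(uniqid(rand(), 1)), which is predictable; use openssl_random_pseudo_bytes or /dev/urandom. Also confirm the parameter name: the form element is created as 'csrf' but the action reads 'csrf_token'.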


@ -171,6 +171,10 @@ class PreferenceController extends Zend_Controller_Action
$num_of_stream = intval(Application_Model_Preference::GetNumOfStreams());
$form = new Application_Form_StreamSetting();
$form->addElement('hash', 'csrf', array(
'salt' => 'unique'
));
$form->setSetting($setting);
$form->startFrom();
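Review bot: adding a Zend hash element only helps if the controller validates the form on POST; nothing in this hunk shows $form->isValid($this->getRequest()->getPost()) being called for the stream-setting form, so confirm that validation path, otherwise the token is rendered but never checked. Note also that every form in this commit uses the same element name ('csrf') and salt ('unique'): Zend_Form_Element_Hash derives its session namespace from the element name and salt, so these forms share one token and rendering any of them regenerates it, which invalidates a different form already open in another tab. Give each form its own salt.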


@ -297,7 +297,7 @@ class ScheduleController extends Zend_Controller_Action
public function getCurrentPlaylistAction()
{
$range = Application_Model_Schedule::GetPlayOrderRange();
$range = Application_Model_Schedule::GetPlayOrderRangeOld();
$show = Application_Model_Show::getCurrentShow();
/* Convert all UTC times to localtime before sending back to user. */
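Review bot: renaming this call to GetPlayOrderRangeOld keeps the playlist view on the previous/current/next result shape while live-info moves to the new GetPlayOrderRange; add a docblock on GetPlayOrderRangeOld stating that it is retained for this caller and the live-info interval path, so the two functions are not confused, and track its removal.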


@ -21,6 +21,10 @@ class Application_Form_AddUser extends Zend_Form
$hidden->setDecorators(array('ViewHelper'));
$this->addElement($hidden);
$this->addElement('hash', 'csrf', array(
'salt' => 'unique'
));
$login = new Zend_Form_Element_Text('login');
$login->setLabel(_('Username:'));
$login->setAttrib('class', 'input_text');


@ -23,6 +23,10 @@ class Application_Form_EditUser extends Zend_Form
array('ViewScript', array('viewScript' => 'form/edit-user.phtml', "currentUser" => $currentUser->getLogin()))));
$this->setAttrib('id', 'current-user-form');
$this->addElement('hash', 'csrf', array(
'salt' => 'unique'
));
$hidden = new Zend_Form_Element_Hidden('cu_user_id');
$hidden->setDecorators(array('ViewHelper'));
$hidden->setValue($userData["id"]);


@ -10,6 +10,10 @@ class Application_Form_Login extends Zend_Form
// Set the method for the display form to POST
$this->setMethod('post');
$this->addElement('hash', 'csrf', array(
'salt' => 'unique'
));
$this->setDecorators(array(
array('ViewScript', array('viewScript' => 'form/login.phtml'))
));


@ -13,6 +13,14 @@ class Application_Form_Preferences extends Zend_Form
));
$general_pref = new Application_Form_GeneralPreferences();
$this->addElement('hash', 'csrf', array(
'salt' => 'unique',
'decorators' => array(
'ViewHelper'
)
));
$this->addSubForm($general_pref, 'preferences_general');
$soundcloud_pref = new Application_Form_SoundcloudPreferences();
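Review bot: Zend_Form_Element_Hash tokens expire after 300 seconds by default (`$_timeout`), and the preferences page is one users leave open while they edit, so a save made after five minutes is rejected as a CSRF failure with no useful message. Pass `'timeout' => ...` in the element options here, sized to the session lifetime, and consider the same for the other long-lived forms in this change; the login form is the one place where the short default is appropriate.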


@ -120,8 +120,11 @@ class Application_Model_Auth
*/
public static function pinSessionToClient($auth)
{
$CC_CONFIG = Config::getConfig();
$serverName = isset($_SERVER['SERVER_NAME']) ? $_SERVER['SERVER_NAME'] : "";
$remoteAddr = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : "";
$auth->setStorage(new Zend_Auth_Storage_Session('Airtime' . $serverName . $remoteAddr . Application_Model_Preference::GetClientId()));
$sessionIdentifier = 'Airtime' . '-' . $serverName . '-' . $remoteAddr . '-' . Application_Model_Preference::GetClientId() . '-' . $CC_CONFIG["baseDir"];
$auth->setStorage(new Zend_Auth_Storage_Session($sessionIdentifier));
}
}
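Review bot: `$CC_CONFIG["baseDir"]` is read without checking the key exists; if the config is missing it, every authentication call raises an undefined-index notice (an exception, if the bootstrap's error handler converts notices), so guard it with `isset(...)` or fail explicitly at config load. Also note that `$_SERVER['SERVER_NAME']` follows the client's Host header unless Apache's `UseCanonicalName` is on, so the storage namespace is keyed partly on client-supplied data: fine for separating vhosts, but not a trust boundary, and a user who reaches the site under two hostnames, or whose `REMOTE_ADDR` changes, is logged out. That trade-off belongs in the docblock above `pinSessionToClient`.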


@ -56,14 +56,11 @@ SQL;
return $real_streams;
}
/**
* Returns data related to the scheduled items.
*
* @param int $p_prev
* @param int $p_next
* @return date
*/
public static function GetPlayOrderRange($p_prev = 1, $p_next = 1)
public static function GetPlayOrderRange($utcTimeEnd = null, $showsToRetrieve = 5)
{
//Everything in this function must be done in UTC. You will get a swift kick in the pants if you mess that up.
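Review bot: the docblock above `GetPlayOrderRange` still documents `$p_prev`/`$p_next` and `@return date`; it should describe `$utcTimeEnd` (a UTC `Y-m-d H:i:s` string, or null for the 48-hour default) and `$showsToRetrieve`, and declare `@return array`. Changing both the signature and the return shape of a public static method silently breaks callers: the ScheduleController hunk moves `getCurrentPlaylistAction` to `GetPlayOrderRangeOld`, so grep for any remaining callers (API controllers, widgets) before merging.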
@ -74,23 +71,70 @@ SQL;
return array();
}
// when timeEnd is unspecified, return to the default behaviour - set a range of 48 hours from current time
if (!$utcTimeEnd) {
$end = new DateTime();
$end->add(new DateInterval("P2D")); // Add 2 days
$end->setTimezone(new DateTimeZone("UTC"));
$utcTimeEnd = $end->format("Y-m-d H:i:s");
}
$utcNow = new DateTime("now", new DateTimeZone("UTC"));
$shows = Application_Model_Show::getPrevCurrentNext($utcNow);
$shows = Application_Model_Show::getPrevCurrentNext($utcNow, $utcTimeEnd, $showsToRetrieve);
$previousShowID = count($shows['previousShow'])>0?$shows['previousShow'][0]['instance_id']:null;
$currentShowID = count($shows['currentShow'])>0?$shows['currentShow']['instance_id']:null;
$nextShowID = count($shows['nextShow'])>0?$shows['nextShow'][0]['instance_id']:null;
$results = self::GetPrevCurrentNext($previousShowID, $currentShowID, $nextShowID, $utcNow);
$range = array(
"station" => array (
"env" => APPLICATION_ENV,
"schedulerTime" => $utcNow->format("Y-m-d H:i:s")
),
//Previous, current, next songs!
"tracks" => array(
"previous" => $results['previous'],
"current" => $results['current'],
"next" => $results['next']
),
//Current and next shows
"shows" => array (
"previous" => $shows['previousShow'],
"current" => $shows['currentShow'],
"next" => $shows['nextShow']
)
);
return $range;
}
/**
* Old version of the function for backwards compatibility
* @deprecated
*/
public static function GetPlayOrderRangeOld()
{
// Everything in this function must be done in UTC. You will get a swift kick in the pants if you mess that up.
$utcNow = new DateTime("now", new DateTimeZone("UTC"));
$shows = Application_Model_Show::getPrevCurrentNextOld($utcNow);
$previousShowID = count($shows['previousShow'])>0?$shows['previousShow'][0]['instance_id']:null;
$currentShowID = count($shows['currentShow'])>0?$shows['currentShow'][0]['instance_id']:null;
$nextShowID = count($shows['nextShow'])>0?$shows['nextShow'][0]['instance_id']:null;
$results = self::GetPrevCurrentNext($previousShowID, $currentShowID, $nextShowID, $utcNow);
$range = array("env"=>APPLICATION_ENV,
"schedulerTime"=> $utcNow->format("Y-m-d H:i:s"),
$range = array(
"env" => APPLICATION_ENV,
"schedulerTime" => $utcNow->format("Y-m-d H:i:s"),
//Previous, current, next songs!
"previous"=>$results['previous'] !=null?$results['previous']:(count($shows['previousShow'])>0?$shows['previousShow'][0]:null),
"current"=>$results['current'] !=null?$results['current']:((count($shows['currentShow'])>0 && $shows['currentShow'][0]['record'] == 1)?$shows['currentShow'][0]:null),
"next"=> $results['next'] !=null?$results['next']:(count($shows['nextShow'])>0?$shows['nextShow'][0]:null),
//Current and next shows
"currentShow"=>$shows['currentShow'],
"nextShow"=>$shows['nextShow'],
"nextShow"=>$shows['nextShow']
);
return $range;
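Review bot: `$utcTimeEnd` and `$showsToRetrieve` reach the query unvalidated: a malformed `$utcTimeEnd` makes the `:timeEnd::timestamp` cast throw a PDOException from inside the model, and `$showsToRetrieve` is bound without `PDO::PARAM_INT`. Validate the timestamp here with `DateTime::createFromFormat('Y-m-d H:i:s', ...)` and cast the limit with `(int)` plus an upper bound, since these come from callers the model cannot trust. The line `$currentShowID = count($shows['currentShow'])>0?$shows['currentShow']['instance_id']:null;` also depends on the new `getPrevCurrentNext` returning `currentShow` as a single row or null rather than the list the old function returns; `count(null)` is 0 on PHP 5 but warns on PHP 7.2+, so `isset($shows['currentShow'])` is the safer test. The rewrite of the old `$range` drops the duplicated `"nextShow"` key, which is correct.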


@ -1111,6 +1111,95 @@ SQL;
return $rows;
}
/**
* Gets the current show, previous and next with an n-day window from
* the given timeNow, so timeNow-2days and timeNow+$daysToRetrieve days.
*
* @param $utcNow A DateTime object containing the current time in UTC.
* @return An array containing the previous show,
* current show, and next show.
*/
public static function getPrevCurrentNext($utcNow, $utcEndStr, $showsToRetrieve)
{
$timeZone = new DateTimeZone("UTC"); //This function works entirely in UTC.
assert(get_class($utcNow) === "DateTime");
assert($utcNow->getTimeZone() == $timeZone);
$CC_CONFIG = Config::getConfig();
$con = Propel::getConnection();
// This will fetch the currently playing show first, then any
// upcoming shows within our interval, and finally move on to
// previous shows in the past 2 days.
$sql = <<<SQL
SELECT s.name,
s.description,
s.genre,
s.id,
si.id AS instance_id,
si.description AS instance_description,
si.record,
s.url,
s.image_path,
starts,
ends
FROM cc_show_instances si
LEFT JOIN cc_show s
ON si.show_id = s.id
WHERE si.show_id = s.id
AND si.starts >= :timeNow::timestamp - INTERVAL '2 days'
AND si.starts < :timeEnd::timestamp
AND modified_instance != TRUE
ORDER BY
CASE
WHEN si.ends > :timeNow::timestamp
AND si.starts < :timeNow::timestamp THEN 1
WHEN si.starts > :timeNow::timestamp THEN 2
ELSE 3
END
LIMIT :lim
SQL;
$stmt = $con->prepare($sql);
$utcNowStr = $utcNow->format("Y-m-d H:i:s");
$stmt->bindValue(':timeNow', $utcNowStr);
$stmt->bindValue(':timeEnd', $utcEndStr);
$stmt->bindValue(':lim', $showsToRetrieve);
if ($stmt->execute()) {
// use PDO::FETCH_ASSOC to only get the associative values
// note that fetchAll() defaults to PDO::FETCH_BOTH, which we don't want
$rows = $stmt->fetchAll(PDO::FETCH_ASSOC);
} else {
$msg = implode(',', $stmt->errorInfo());
throw new Exception("Error: $msg");
}
$numberOfRows = count($rows);
$results['previousShow'] = array();
$results['currentShow'] = null;
$results['nextShow'] = array();
for ($i = 0; $i < $numberOfRows; ++$i) {
// all shows start/end times are stored in the database as UTC.
$showStartTime = new DateTime($rows[$i]['starts'], $timeZone);
$showEndTime = new DateTime($rows[$i]['ends'], $timeZone);
// Find the show that is within the current time.
if (($showStartTime <= $utcNow) && ($showEndTime > $utcNow)) {
$results['currentShow'] = $rows[$i];
} else if ($showEndTime < $utcNow ) {
array_push($results['previousShow'], $rows[$i]);
} else if ($showStartTime > $utcNow) {
array_push($results['nextShow'], $rows[$i]);
}
}
return $results;
}
/**
* Gets the current show, previous and next with an 2day window from
* the given timeNow, so timeNow-2days and timeNow+2days.
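Review bot: the `ORDER BY CASE ... END` in the new `getPrevCurrentNext` has no secondary sort key, so within the upcoming class (2) and the previous class (3) PostgreSQL returns rows in arbitrary order, and `LIMIT :lim` may keep a show two days out while dropping the one that starts next; add `, si.starts ASC` (previous shows would want the reverse, which means a second query or a sort in PHP). Smaller points: `WHERE si.show_id = s.id` turns the `LEFT JOIN` into an inner join and can go; `$CC_CONFIG` is unused; the docblock talks about `$daysToRetrieve` and omits `$utcEndStr`/`$showsToRetrieve`; and `currentShow` is initialised to `null` while its two neighbours are arrays, an asymmetry the caller in `GetPlayOrderRange` has to know about.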
@ -1118,8 +1207,9 @@ SQL;
* @param $utcNow A DateTime object containing the current time in UTC.
* @return An array (with stupid sub-arrays) containing the previous show id,
* current show id, and next show id.
* @deprecated
*/
public static function getPrevCurrentNext($utcNow)
public static function getPrevCurrentNextOld($utcNow)
{
$timeZone = new DateTimeZone("UTC"); //This function works entirely in UTC.
assert(get_class($utcNow) === "DateTime");
@ -1159,7 +1249,7 @@ SQL;
$stmt->bindValue(':timeNow2', $utcNowStr);
if ($stmt->execute()) {
$rows = $stmt->fetchAll();
$rows = $stmt->fetchAll(PDO::FETCH_ASSOC);
} else {
$msg = implode(',', $stmt->errorInfo());
throw new Exception("Error: $msg");


@ -166,6 +166,10 @@
</ul>
<?php endif; ?>
</dd>
<?php echo $this->element->getElement('csrf') ?>
<button type="submit" id="cu_save_user" class="btn btn-small right-floated"><?php echo _("Save")?></button>
</dl>
<button type="submit" id="cu_save_user" class="btn btn-small right-floated"><?php echo _("Save")?></button>
</form>
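Review bot: the `cu_save_user` submit button appears twice in this hunk, once before `</dl>` and once after, and the header `-166,6 +166,10` records additions only; if the intent was to move the button inside the list, the old line has to be deleted, otherwise the form renders two submit buttons with the same `id`. The csrf element is also emitted as a direct child of `<dl>`, where only `dt`/`dd` belong; place it before the `<dl>` or inside a `<dd>`.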


@ -28,6 +28,8 @@
<?php echo $this->element->getElement('locale') ?>
</dd>
<?php echo $this->element->getElement('csrf') ?>
<?php if (Application_Model_Preference::GetEnableSystemEmail()): ?>
<dt id="reset-label" class="hidden">&nbsp;</dt>
<dd id="reset-element" class="text-right">


@ -1,5 +1,5 @@
<form method="<?php echo $this->element->getMethod() ?>" enctype="multipart/form-data">
<?php echo $this->element->getElement('csrf') ?>
<?php echo $this->element->getSubform('preferences_general') ?>
<h3 class="collapsible-header" id="soundcloud-heading"><span class="arrow-icon"></span><? echo _("SoundCloud Settings") ?></h3>


@ -11,6 +11,7 @@
}
?>
<form id="plupload_form" <?php if ($this->quotaLimitReached) { ?> class="hidden" <?php } ?>>
<?php echo $this->form->getElement('csrf') ?>
<div id="plupload_files"></div>
</form>
<div id="plupload_error">


@ -4,6 +4,7 @@
<?php if($this->enable_stream_conf == "true"){?>
<form method="post" id="stream_form" enctype="application/x-www-form-urlencoded">
<button name="stream_save" id="stream_save" type="button" class="btn btn-small right-floated"><?php echo _("Save") ?></button>
<?php echo $this->form->getElement('csrf') ?>
<div style="clear:both"></div>
<?php }?>
<?php echo $this->statusMsg;?>


@ -11,7 +11,7 @@ msgstr ""
"Project-Id-Version: Airtime\n"
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2013-12-13 12:58-0500\n"
"PO-Revision-Date: 2014-09-17 23:48+0000\n"
"PO-Revision-Date: 2014-10-03 05:40+0000\n"
"Last-Translator: Kazuhiro Shimbo <kazuhiro.shimbo@mail.rakuten.com>\n"
"Language-Team: Japanese (http://www.transifex.com/projects/p/airtime/language/ja/)\n"
"MIME-Version: 1.0\n"
@ -1007,11 +1007,11 @@ msgstr "オリジナルの長さ:"
#: airtime_mvc/application/views/scripts/playlist/update.phtml:54
msgid "Expand Static Block"
msgstr ""
msgstr "スマート・ブロックの拡張"
#: airtime_mvc/application/views/scripts/playlist/update.phtml:59
msgid "Expand Dynamic Block"
msgstr ""
msgstr "自動生成スマート・ブロックを拡張する"
#: airtime_mvc/application/views/scripts/playlist/update.phtml:135
msgid "Empty smart block"
@ -1275,11 +1275,11 @@ msgstr "ウェブ配信"
#: airtime_mvc/application/views/scripts/library/get-file-metadata.ajax.phtml:46
msgid "Dynamic Smart Block"
msgstr ""
msgstr "自動生成スマート・ブロック"
#: airtime_mvc/application/views/scripts/library/get-file-metadata.ajax.phtml:47
msgid "Static Smart Block"
msgstr ""
msgstr "スマート・ブロック"
#: airtime_mvc/application/views/scripts/library/get-file-metadata.ajax.phtml:48
msgid "Audio Track"
@ -1291,11 +1291,11 @@ msgstr "プレイリストの内容:"
#: airtime_mvc/application/views/scripts/library/get-file-metadata.ajax.phtml:65
msgid "Static Smart Block Contents: "
msgstr ""
msgstr "スマート・ブロックの内容:"
#: airtime_mvc/application/views/scripts/library/get-file-metadata.ajax.phtml:104
msgid "Dynamic Smart Block Criteria: "
msgstr ""
msgstr "自動生成スマート・ブロックの基準:"
#: airtime_mvc/application/views/scripts/library/get-file-metadata.ajax.phtml:137
msgid "Limit to "
@ -1658,7 +1658,7 @@ msgstr "番組 %s は以前に更新されています。"
msgid ""
"Content in linked shows must be scheduled before or after any one is "
"broadcasted"
msgstr ""
msgstr "同期された配信内容を配信中に変更することはできません。"
#: airtime_mvc/application/models/Scheduler.php:200
#: airtime_mvc/application/models/Scheduler.php:289
@ -2015,7 +2015,7 @@ msgstr "お使いのブラウザはこのファイル形式の再生に対応し
#: airtime_mvc/application/controllers/LocaleController.php:117
msgid "Dynamic block is not previewable"
msgstr ""
msgstr "自動生成スマート・ブロックはプレビューできません"
#: airtime_mvc/application/controllers/LocaleController.php:118
msgid "Limit to: "
@ -2164,19 +2164,19 @@ msgid ""
" every song. If you are using an OGG stream and your listeners do not "
"require support for these audio players, then feel free to enable this "
"option."
msgstr ""
msgstr "このオプションをチェックしてOGGストリームのメタデータを有効にしてくださいストリームメタデータとは、トラックタイトル、アーティスト、オーディオプレーヤーに表示される名前のことです。メタデータ情報を有効にしてOGG/ Vorbisのストリームを再生すると、VLCとmplayerはすべての曲を再生した後にストリームから切断される重大なバグを発生させます。OGGストリームを使用していて、リスナーがこれらのオーディオプレーヤーのためのサポートを必要としない場合は、このオプションを有効にして下さい。"
#: airtime_mvc/application/controllers/LocaleController.php:170
msgid ""
"Check this box to automatically switch off Master/Show source upon source "
"disconnection."
msgstr ""
msgstr "このボックスにチェックを入れると、ソースが切断された時に番組ソースに自動的に切り替わります。"
#: airtime_mvc/application/controllers/LocaleController.php:171
msgid ""
"Check this box to automatically switch on Master/Show source upon source "
"connection."
msgstr ""
msgstr "このボックスをクリックすると、ソースが接続された時にマスターソースに自動的に切り替わります。"
#: airtime_mvc/application/controllers/LocaleController.php:172
msgid ""
@ -2507,7 +2507,7 @@ msgstr "終了"
#: airtime_mvc/application/controllers/LocaleController.php:266
msgid "Duration"
msgstr ""
msgstr "長さ"
#: airtime_mvc/application/controllers/LocaleController.php:276
msgid "Show Empty"
@ -2867,7 +2867,7 @@ msgstr "エントリーを作成"
#: airtime_mvc/application/controllers/LocaleController.php:390
msgid "Edit History Record"
msgstr ""
msgstr "配信履歴を編集"
#: airtime_mvc/application/controllers/LocaleController.php:393
#, php-format
@ -2956,7 +2956,7 @@ msgstr "%sの古いバージョンを閲覧しています。"
#: airtime_mvc/application/controllers/PlaylistController.php:123
msgid "You cannot add tracks to dynamic blocks."
msgstr ""
msgstr "自動生成スマート・ブロックにトラックを追加することはできません。"
#: airtime_mvc/application/controllers/PlaylistController.php:144
#, php-format
@ -3252,11 +3252,11 @@ msgstr "リピート間隔:"
#: airtime_mvc/application/forms/AddShowRepeats.php:50
msgid "day of the month"
msgstr ""
msgstr "毎月特定日"
#: airtime_mvc/application/forms/AddShowRepeats.php:50
msgid "day of the week"
msgstr ""
msgstr "毎月特定曜日"
#: airtime_mvc/application/forms/AddShowRepeats.php:56
#: airtime_mvc/application/forms/DateRange.php:44
@ -3467,7 +3467,7 @@ msgstr "ステーション名 - 番組名"
#: airtime_mvc/application/forms/StreamSetting.php:63
msgid "Off Air Metadata"
msgstr ""
msgstr "オフエアーメタデータ"
#: airtime_mvc/application/forms/StreamSetting.php:69
msgid "Enable Replay Gain"
@ -3636,11 +3636,11 @@ msgstr "スマートブロックの形式:"
#: airtime_mvc/application/forms/SmartBlockCriteria.php:170
msgid "Static"
msgstr ""
msgstr "スマート・ブロック"
#: airtime_mvc/application/forms/SmartBlockCriteria.php:171
msgid "Dynamic"
msgstr ""
msgstr "自動生成スマート・ブロック"
#: airtime_mvc/application/forms/SmartBlockCriteria.php:285
msgid "Allow Repeat Tracks:"


@ -1,5 +1,15 @@
<?php
// Only enable cookie secure if we are supporting https.
// Ideally, this would always be on and we would force https,
// but the default installation configs are likely to be installed by
// amature users on the setup that does not have https. Forcing
// cookie_secure on non https would result in confusing login problems.
if(!empty($_SERVER['HTTPS'])){
ini_set('session.cookie_secure', '1');
}
ini_set('session.cookie_httponly', '1');
error_reporting(E_ALL|E_STRICT);
function exception_error_handler($errno, $errstr, $errfile, $errline)
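Review bot: `!empty($_SERVER['HTTPS'])` is not a reliable HTTPS test: IIS sets `HTTPS=off` on plain-HTTP requests, which is non-empty, so `session.cookie_secure` would be enabled on HTTP and logins would silently fail; use `isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off'`. Behind a TLS-terminating proxy `HTTPS` is never set, so the secure flag is never applied; if that deployment matters, honour `X-Forwarded-Proto` only when the request comes from a trusted proxy address. Both `ini_set` calls correctly precede `session_start()` here; while you are in this block, `session.use_only_cookies = 1` stops the session id being accepted from the URL. Comment typo: "amature" should be "amateur".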


@ -23,7 +23,10 @@ $(document).ready(function() {
multiple_queues : 'true',
filters : [
{title: "Audio Files", extensions: "ogg,mp3,oga,flac,wav,m4a,mp4,opus"}
]
],
multipart_params : {
"csrf_token" : $("#csrf").attr('value'),
}
});
uploader = $("#plupload_files").pluploadQueue();
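Review bot: the trailing comma after `"csrf_token" : $("#csrf").attr('value'),` inside `multipart_params` is a syntax error in IE8 and earlier; drop it, and prefer `.val()` over `.attr('value')` for reading the field. More importantly, the token is read once at page load and resent with every upload for the life of the page, so the server-side value it is compared against must not rotate or expire per request; a Zend hash element is single-hop and expires after 300 s by default, so confirm the `authtoken` checked in the PluploadController hunk is a longer-lived value, or uploads will start failing a few minutes into a session.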


@ -354,6 +354,8 @@ function setAddShowEvents(form) {
startTimeField.val(json.start.time);
endDateField.val(json.end.date);
endTimeField.val(json.end.time);
// Change the timezone now that we've updated the times
currentTimezone = newTimezone;
});
});

File diff suppressed because one or more lines are too long


@ -29,8 +29,10 @@ echo "----------------------------------------------------"
dist=`lsb_release -is`
code=`lsb_release -cs`
set +e
apache2 -v | grep "2\.4" > /dev/null
apacheversion=$?
set -e
#enable squeeze backports to get lame packages
if [ "$dist" = "Debian" -a "$code" = "squeeze" ]; then