Resolved merge conflicts for merging cc-5709-airtime-analyzer into saas.
commit
9fb35c448e
24 changed files with 165 additions and 106 deletions
|
@ -61,6 +61,7 @@ class LoginController extends Zend_Controller_Action
|
|||
|
||||
$result = $auth->authenticate($authAdapter);
|
||||
if ($result->isValid()) {
|
||||
Zend_Session::regenerateId();
|
||||
//all info about this user from the login table omit only the password
|
||||
$userInfo = $authAdapter->getResultRowObject(null, 'password');
|
||||
|
||||
|
@ -81,6 +82,7 @@ class LoginController extends Zend_Controller_Action
|
|||
$auth = Zend_Auth::getInstance();
|
||||
$result = $auth->authenticate($authAdapter);
|
||||
if ($result->isValid()) {
|
||||
Zend_Session::regenerateId();
|
||||
//set the user locale in case user changed it in when logging in
|
||||
Application_Model_Preference::SetUserLocale($locale);
|
||||
|
||||
|
|
|
@ -30,6 +30,33 @@ class PluploadController extends Zend_Controller_Action
|
|||
if (Application_Model_Systemstatus::isDiskOverQuota()) {
|
||||
$this->view->quotaLimitReached = true;
|
||||
}
|
||||
|
||||
$csrf_namespace = new Zend_Session_Namespace('csrf_namespace');
|
||||
$csrf_namespace->setExpirationSeconds(5*60*60);
|
||||
$csrf_namespace->authtoken = sha1(uniqid(rand(),1));
|
||||
|
||||
$csrf_element = new Zend_Form_Element_Hidden('csrf');
|
||||
$csrf_element->setValue($csrf_namespace->authtoken)->setRequired('true')->removeDecorator('HtmlTag')->removeDecorator('Label');
|
||||
$csrf_form = new Zend_Form();
|
||||
$csrf_form->addElement($csrf_element);
|
||||
$this->view->form = $csrf_form;
|
||||
}
|
||||
|
||||
public function uploadAction()
|
||||
{
|
||||
$current_namespace = new Zend_Session_Namespace('csrf_namespace');
|
||||
$observed_csrf_token = $this->_getParam('csrf_token');
|
||||
$expected_csrf_token = $current_namespace->authtoken;
|
||||
|
||||
if($observed_csrf_token == $expected_csrf_token){
|
||||
$upload_dir = ini_get("upload_tmp_dir") . DIRECTORY_SEPARATOR . "plupload";
|
||||
$tempFilePath = Application_Model_StoredFile::uploadFile($upload_dir);
|
||||
$tempFileName = basename($tempFilePath);
|
||||
|
||||
$this->_helper->json->sendJson(array("jsonrpc" => "2.0", "tempfilepath" => $tempFileName));
|
||||
}else{
|
||||
$this->_helper->json->sendJson(array("jsonrpc" => "2.0", "valid" => false, "error" => "CSRF token did not match."));
|
||||
}
|
||||
}
|
||||
|
||||
public function recentUploadsAction()
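Review bot: The token check in `uploadAction()` uses loose `==`, so a request with no `csrf_token` parameter is accepted whenever `$current_namespace->authtoken` is unset (the namespace expired after the 5-hour limit, or the index page was never rendered), because both sides are then null. The check should require a non-empty string on both sides and compare in constant time, e.g. `if (is_string($observed_csrf_token) && is_string($expected_csrf_token) && $expected_csrf_token !== '' && hash_equals($expected_csrf_token, $observed_csrf_token)) {`, falling back to strict `===` where `hash_equals` is not available. The token itself comes from `sha1(uniqid(rand(),1))`, which is built from the clock and a non-cryptographic PRNG; a CSPRNG source such as `bin2hex(openssl_random_pseudo_bytes(32))` is the safer choice. The hunk ends at the signature of `recentUploadsAction()`, whose body is outside the view.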
|
||||
|
|
|
@ -171,6 +171,10 @@ class PreferenceController extends Zend_Controller_Action
|
|||
$num_of_stream = intval(Application_Model_Preference::GetNumOfStreams());
|
||||
$form = new Application_Form_StreamSetting();
|
||||
|
||||
$form->addElement('hash', 'csrf', array(
|
||||
'salt' => 'unique'
|
||||
));
|
||||
|
||||
$form->setSetting($setting);
|
||||
$form->startFrom();
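Review bot: Every form touched by this commit registers its hash element as `'csrf'` with the same literal salt `'unique'` (here, and in the AddUser, EditUser, Login and Preferences form hunks). As far as I know, Zend_Form_Element_Hash keys its session storage on the salt plus the element name, so these forms would share one token slot and rendering any of them would replace the token another open form is still waiting on; a per-form salt such as `'salt' => 'stream_setting_csrf'` keeps them apart. The visible lines also only add the element: the token is verified only if the POST path calls `$form->isValid()` on submitted data that includes `csrf`, which is outside this hunk and worth confirming for each form.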
|
||||
|
||||
|
|
|
@ -21,6 +21,10 @@ class Application_Form_AddUser extends Zend_Form
|
|||
$hidden->setDecorators(array('ViewHelper'));
|
||||
$this->addElement($hidden);
|
||||
|
||||
$this->addElement('hash', 'csrf', array(
|
||||
'salt' => 'unique'
|
||||
));
|
||||
|
||||
$login = new Zend_Form_Element_Text('login');
|
||||
$login->setLabel(_('Username:'));
|
||||
$login->setAttrib('class', 'input_text');
|
||||
|
|
|
@ -22,6 +22,10 @@ class Application_Form_EditUser extends Zend_Form
|
|||
$this->setDecorators(array(
|
||||
array('ViewScript', array('viewScript' => 'form/edit-user.phtml', "currentUser" => $currentUser->getLogin()))));
|
||||
$this->setAttrib('id', 'current-user-form');
|
||||
|
||||
$this->addElement('hash', 'csrf', array(
|
||||
'salt' => 'unique'
|
||||
));
|
||||
|
||||
$hidden = new Zend_Form_Element_Hidden('cu_user_id');
|
||||
$hidden->setDecorators(array('ViewHelper'));
|
||||
|
|
|
@ -10,6 +10,10 @@ class Application_Form_Login extends Zend_Form
|
|||
// Set the method for the display form to POST
|
||||
$this->setMethod('post');
|
||||
|
||||
$this->addElement('hash', 'csrf', array(
|
||||
'salt' => 'unique'
|
||||
));
|
||||
|
||||
$this->setDecorators(array(
|
||||
array('ViewScript', array('viewScript' => 'form/login.phtml'))
|
||||
));
|
||||
|
|
|
@ -13,6 +13,14 @@ class Application_Form_Preferences extends Zend_Form
|
|||
));
|
||||
|
||||
$general_pref = new Application_Form_GeneralPreferences();
|
||||
|
||||
$this->addElement('hash', 'csrf', array(
|
||||
'salt' => 'unique',
|
||||
'decorators' => array(
|
||||
'ViewHelper'
|
||||
)
|
||||
));
|
||||
|
||||
$this->addSubForm($general_pref, 'preferences_general');
|
||||
|
||||
$soundcloud_pref = new Application_Form_SoundcloudPreferences();
|
||||
|
|
|
@ -166,6 +166,7 @@
|
|||
</ul>
|
||||
<?php endif; ?>
|
||||
</dd>
|
||||
<?php echo $this->element->getElement('csrf') ?>
|
||||
</dl>
|
||||
<button type="submit" id="cu_save_user" class="btn btn-small right-floated"><?php echo _("Save")?></button>
|
||||
</form>
|
||||
|
|
|
@ -27,6 +27,8 @@
|
|||
<dd id="locale-element">
|
||||
<?php echo $this->element->getElement('locale') ?>
|
||||
</dd>
|
||||
|
||||
<?php echo $this->element->getElement('csrf') ?>
|
||||
|
||||
<?php if (Application_Model_Preference::GetEnableSystemEmail()): ?>
|
||||
<dt id="reset-label" class="hidden"> </dt>
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
<form method="<?php echo $this->element->getMethod() ?>" enctype="multipart/form-data">
|
||||
|
||||
<?php echo $this->element->getElement('csrf') ?>
|
||||
<?php echo $this->element->getSubform('preferences_general') ?>
|
||||
|
||||
<h3 class="collapsible-header" id="soundcloud-heading"><span class="arrow-icon"></span><? echo _("SoundCloud Settings") ?></h3>
|
||||
|
|
|
@ -2,6 +2,7 @@
|
|||
#plupload_files input[type="file"] {
|
||||
font-size: 200px !important;
|
||||
}
|
||||
<<<<<<< HEAD
|
||||
</style>
|
||||
<?php if ($this->quotaLimitReached) { ?>
|
||||
<div class="errors quota-reached">
|
||||
|
@ -11,7 +12,8 @@
|
|||
}
|
||||
?>
|
||||
<form id="plupload_form" <?php if ($this->quotaLimitReached) { ?> class="hidden" <?php } ?>>
|
||||
<div id="plupload_files"></div>
|
||||
<?php echo $this->form->getElement('csrf') ?>
|
||||
<div id="plupload_files"></div>
|
||||
</form>
|
||||
<div id="plupload_error">
|
||||
<table></table>
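Review bot: A merge-conflict marker, `<<<<<<< HEAD`, is left in the template just before `</style>` in the first hunk, and going by the hunk's line counts it appears to be the line this commit adds. It should be removed, and the rest of the file checked for a matching `=======` or `>>>>>>>` that falls outside the visible hunks. In the second hunk the `csrf` element is echoed inside `#plupload_form`, which is what the upload script's `#csrf` lookup depends on, so a short comment such as `<?php /* read by the plupload script as #csrf */ ?>` would keep that coupling visible.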
|
||||
|
|
|
@ -4,6 +4,7 @@
|
|||
<?php if($this->enable_stream_conf == "true"){?>
|
||||
<form method="post" id="stream_form" enctype="application/x-www-form-urlencoded">
|
||||
<button name="stream_save" id="stream_save" type="button" class="btn btn-small right-floated"><?php echo _("Save") ?></button>
|
||||
<?php echo $this->form->getElement('csrf') ?>
|
||||
<div style="clear:both"></div>
|
||||
<?php }?>
|
||||
<?php echo $this->statusMsg;?>
|
||||
|
|
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
|
@ -11,7 +11,7 @@ msgstr ""
|
|||
"Project-Id-Version: Airtime\n"
|
||||
"Report-Msgid-Bugs-To: \n"
|
||||
"POT-Creation-Date: 2013-12-13 12:58-0500\n"
|
||||
"PO-Revision-Date: 2014-09-17 23:48+0000\n"
|
||||
"PO-Revision-Date: 2014-10-03 05:40+0000\n"
|
||||
"Last-Translator: Kazuhiro Shimbo <kazuhiro.shimbo@mail.rakuten.com>\n"
|
||||
"Language-Team: Japanese (http://www.transifex.com/projects/p/airtime/language/ja/)\n"
|
||||
"MIME-Version: 1.0\n"
|
||||
|
@ -1007,11 +1007,11 @@ msgstr "オリジナルの長さ:"
|
|||
|
||||
#: airtime_mvc/application/views/scripts/playlist/update.phtml:54
|
||||
msgid "Expand Static Block"
|
||||
msgstr ""
|
||||
msgstr "スマート・ブロックの拡張"
|
||||
|
||||
#: airtime_mvc/application/views/scripts/playlist/update.phtml:59
|
||||
msgid "Expand Dynamic Block"
|
||||
msgstr ""
|
||||
msgstr "自動生成スマート・ブロックを拡張する"
|
||||
|
||||
#: airtime_mvc/application/views/scripts/playlist/update.phtml:135
|
||||
msgid "Empty smart block"
|
||||
|
@ -1275,11 +1275,11 @@ msgstr "ウェブ配信"
|
|||
|
||||
#: airtime_mvc/application/views/scripts/library/get-file-metadata.ajax.phtml:46
|
||||
msgid "Dynamic Smart Block"
|
||||
msgstr ""
|
||||
msgstr "自動生成スマート・ブロック"
|
||||
|
||||
#: airtime_mvc/application/views/scripts/library/get-file-metadata.ajax.phtml:47
|
||||
msgid "Static Smart Block"
|
||||
msgstr ""
|
||||
msgstr "スマート・ブロック"
|
||||
|
||||
#: airtime_mvc/application/views/scripts/library/get-file-metadata.ajax.phtml:48
|
||||
msgid "Audio Track"
|
||||
|
@ -1291,11 +1291,11 @@ msgstr "プレイリストの内容:"
|
|||
|
||||
#: airtime_mvc/application/views/scripts/library/get-file-metadata.ajax.phtml:65
|
||||
msgid "Static Smart Block Contents: "
|
||||
msgstr ""
|
||||
msgstr "スマート・ブロックの内容:"
|
||||
|
||||
#: airtime_mvc/application/views/scripts/library/get-file-metadata.ajax.phtml:104
|
||||
msgid "Dynamic Smart Block Criteria: "
|
||||
msgstr ""
|
||||
msgstr "自動生成スマート・ブロックの基準:"
|
||||
|
||||
#: airtime_mvc/application/views/scripts/library/get-file-metadata.ajax.phtml:137
|
||||
msgid "Limit to "
|
||||
|
@ -1658,7 +1658,7 @@ msgstr "番組 %s は以前に更新されています。"
|
|||
msgid ""
|
||||
"Content in linked shows must be scheduled before or after any one is "
|
||||
"broadcasted"
|
||||
msgstr ""
|
||||
msgstr "同期された配信内容を配信中に変更することはできません。"
|
||||
|
||||
#: airtime_mvc/application/models/Scheduler.php:200
|
||||
#: airtime_mvc/application/models/Scheduler.php:289
|
||||
|
@ -2015,7 +2015,7 @@ msgstr "お使いのブラウザはこのファイル形式の再生に対応し
|
|||
|
||||
#: airtime_mvc/application/controllers/LocaleController.php:117
|
||||
msgid "Dynamic block is not previewable"
|
||||
msgstr ""
|
||||
msgstr "自動生成スマート・ブロックはプレビューできません"
|
||||
|
||||
#: airtime_mvc/application/controllers/LocaleController.php:118
|
||||
msgid "Limit to: "
|
||||
|
@ -2164,19 +2164,19 @@ msgid ""
|
|||
" every song. If you are using an OGG stream and your listeners do not "
|
||||
"require support for these audio players, then feel free to enable this "
|
||||
"option."
|
||||
msgstr ""
|
||||
msgstr "このオプションをチェックしてOGGストリームのメタデータを有効にしてください(ストリームメタデータとは、トラックタイトル、アーティスト、オーディオプレーヤーに表示される名前のことです)。メタデータ情報を有効にしてOGG/ Vorbisのストリームを再生すると、VLCとmplayerはすべての曲を再生した後にストリームから切断される重大なバグを発生させます。OGGストリームを使用していて、リスナーがこれらのオーディオプレーヤーのためのサポートを必要としない場合は、このオプションを有効にして下さい。"
|
||||
|
||||
#: airtime_mvc/application/controllers/LocaleController.php:170
|
||||
msgid ""
|
||||
"Check this box to automatically switch off Master/Show source upon source "
|
||||
"disconnection."
|
||||
msgstr ""
|
||||
msgstr "このボックスにチェックを入れると、ソースが切断された時に番組ソースに自動的に切り替わります。"
|
||||
|
||||
#: airtime_mvc/application/controllers/LocaleController.php:171
|
||||
msgid ""
|
||||
"Check this box to automatically switch on Master/Show source upon source "
|
||||
"connection."
|
||||
msgstr ""
|
||||
msgstr "このボックスをクリックすると、ソースが接続された時にマスターソースに自動的に切り替わります。"
|
||||
|
||||
#: airtime_mvc/application/controllers/LocaleController.php:172
|
||||
msgid ""
|
||||
|
@ -2507,7 +2507,7 @@ msgstr "終了"
|
|||
|
||||
#: airtime_mvc/application/controllers/LocaleController.php:266
|
||||
msgid "Duration"
|
||||
msgstr ""
|
||||
msgstr "長さ"
|
||||
|
||||
#: airtime_mvc/application/controllers/LocaleController.php:276
|
||||
msgid "Show Empty"
|
||||
|
@ -2867,7 +2867,7 @@ msgstr "エントリーを作成"
|
|||
|
||||
#: airtime_mvc/application/controllers/LocaleController.php:390
|
||||
msgid "Edit History Record"
|
||||
msgstr ""
|
||||
msgstr "配信履歴を編集"
|
||||
|
||||
#: airtime_mvc/application/controllers/LocaleController.php:393
|
||||
#, php-format
|
||||
|
@ -2956,7 +2956,7 @@ msgstr "%sの古いバージョンを閲覧しています。"
|
|||
|
||||
#: airtime_mvc/application/controllers/PlaylistController.php:123
|
||||
msgid "You cannot add tracks to dynamic blocks."
|
||||
msgstr ""
|
||||
msgstr "自動生成スマート・ブロックにトラックを追加することはできません。"
|
||||
|
||||
#: airtime_mvc/application/controllers/PlaylistController.php:144
|
||||
#, php-format
|
||||
|
@ -3252,11 +3252,11 @@ msgstr "リピート間隔:"
|
|||
|
||||
#: airtime_mvc/application/forms/AddShowRepeats.php:50
|
||||
msgid "day of the month"
|
||||
msgstr ""
|
||||
msgstr "毎月特定日"
|
||||
|
||||
#: airtime_mvc/application/forms/AddShowRepeats.php:50
|
||||
msgid "day of the week"
|
||||
msgstr ""
|
||||
msgstr "毎月特定曜日"
|
||||
|
||||
#: airtime_mvc/application/forms/AddShowRepeats.php:56
|
||||
#: airtime_mvc/application/forms/DateRange.php:44
|
||||
|
@ -3467,7 +3467,7 @@ msgstr "ステーション名 - 番組名"
|
|||
|
||||
#: airtime_mvc/application/forms/StreamSetting.php:63
|
||||
msgid "Off Air Metadata"
|
||||
msgstr ""
|
||||
msgstr "オフエアーメタデータ"
|
||||
|
||||
#: airtime_mvc/application/forms/StreamSetting.php:69
|
||||
msgid "Enable Replay Gain"
|
||||
|
@ -3636,11 +3636,11 @@ msgstr "スマートブロックの形式:"
|
|||
|
||||
#: airtime_mvc/application/forms/SmartBlockCriteria.php:170
|
||||
msgid "Static"
|
||||
msgstr ""
|
||||
msgstr "スマート・ブロック"
|
||||
|
||||
#: airtime_mvc/application/forms/SmartBlockCriteria.php:171
|
||||
msgid "Dynamic"
|
||||
msgstr ""
|
||||
msgstr "自動生成スマート・ブロック"
|
||||
|
||||
#: airtime_mvc/application/forms/SmartBlockCriteria.php:285
|
||||
msgid "Allow Repeat Tracks:"
|
||||
|
|
Binary file not shown.
|
@ -1,5 +1,15 @@
|
|||
<?php
|
||||
|
||||
// Only enable cookie secure if we are supporting https.
|
||||
// Ideally, this would always be on and we would force https,
|
||||
// but the default installation configs are likely to be installed by
|
||||
// amature users on the setup that does not have https. Forcing
|
||||
// cookie_secure on non https would result in confusing login problems.
|
||||
if(!empty($_SERVER['HTTPS'])){
|
||||
ini_set('session.cookie_secure', '1');
|
||||
}
|
||||
ini_set('session.cookie_httponly', '1');
|
||||
|
||||
error_reporting(E_ALL|E_STRICT);
|
||||
|
||||
function exception_error_handler($errno, $errstr, $errfile, $errline)
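Review bot: `!empty($_SERVER['HTTPS'])` is not a reliable HTTPS test for deciding `session.cookie_secure`. Under IIS/ISAPI the variable holds the string `off` for plain HTTP, which is non-empty, so the Secure flag would be set on a non-HTTPS site and produce exactly the login problem the comment warns about; `if (!empty($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) !== 'off') {` covers that case. Behind a TLS-terminating proxy the variable is normally unset, so the flag is silently never applied; the comment block should say that such deployments need `session.cookie_secure` set in php.ini. The body of `exception_error_handler` continues outside the hunk.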
|
||||
|
|
|
@ -23,7 +23,10 @@ $(document).ready(function() {
|
|||
multiple_queues : 'true',
|
||||
filters : [
|
||||
{title: "Audio Files", extensions: "ogg,mp3,oga,flac,wav,m4a,mp4,opus"}
|
||||
]
|
||||
],
|
||||
multipart_params : {
|
||||
"csrf_token" : $("#csrf").attr('value'),
|
||||
}
|
||||
});
|
||||
|
||||
uploader = $("#plupload_files").pluploadQueue();
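Review bot: `multipart_params` reads `$("#csrf").attr('value')` once at document-ready, while the PluploadController hunk expires the server-side token after 5 hours, so a page left open longer will send a stale token. Whether the uploader treats the resulting `"valid": false` JSON as a failed upload is not visible here and should be confirmed, since the server appears to return it as an ordinary JSON response. The trailing comma after the `csrf_token` entry is also a syntax error in older Internet Explorer versions; the line can be written as `"csrf_token" : $("#csrf").val()`.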
|
||||
|
|
1
airtime_mvc/public/js/libs/underscore-min.js
vendored
1
airtime_mvc/public/js/libs/underscore-min.js
vendored
File diff suppressed because one or more lines are too long