-
Notifications
You must be signed in to change notification settings - Fork 4
/
index.php
executable file
·118 lines (98 loc) · 3.69 KB
/
index.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
<?php
require_once('lib/limonade.php');
function configure(Security)
{
option('env', ENV_DEVELOPMENT);
}
function before() {
layout('layouts/default.php');
}
dispatch('/', function() { return redirect_to('streams'); });
dispatch('/streams', function() {
//Filter for enabled VOD streams gpg
$streams = getEnabledVODStreams(getAllMedia());
set('streams', $streams);
return render('templates/streams.html.php');
});
dispatch('/streams/watch/:name', function() {
set_or_default('stream', params('name'), false);
return render('templates/watch.html.php');
});
dispatch('/streams/search/*', function() {
header('Content-Type: text/json');
//Filter for enabled VOD streams matching the search term
$streams = getEnabledVODStreams(getAllMedia(), params(0));
set('streams', $streams);
layout(null);
return json_encode(array('streams' => $streams));
});
dispatch('/streams/add/:action/:path', function () {
if((params('action') != 'use') || (strpos(realpath(params('path')), getcwd().'/media') === 0)) {
if(strpos(realpath(params('path')), getcwd().'/media') != 0) set('path',''); //Invalid path traversal!
else set_or_default('path', trim(params('path'),'/'), '');
set('files', array_slice(scandir('media/admin/' . params('path')),2));
}
else {
set('addFile', params('path'));
}
return render('templates/add.html.php');
});
dispatch_post('/streams/add/use/*', function() {
$name = escapeshellcmd($_POST['name']);
$source = escapeshellcmd(realpath('media/admin/'.$_POST['file']));
addStream($name, $source);
return redirect_to('streams');
});
dispatch('/streams/remove/:name', function() {
shell_exec('scripts/remove_vod.expect ' . escapeshellcmd(params('name')));
$db = new SQlite3('streams.db');
$db->exec('DELETE FROM streams WHERE name = "'. $db->escapeString(params('name')) . '"');
$db->close();
return redirect_to('streams');
});
dispatch('/streams/sync', function() {
$db = new SQLite3('streams.db');
$dbStreamsResult = $db->query('SELECT * FROM streams');
$dbStreams = array();
while(($row = $dbStreamsResult->fetchArray()) !== false) $dbStreams[$row['name']] = $row;
$existingStreams = getEnabledVODStreams(getAllMedia());
//Sync DB -> Streams
foreach($dbStreams as $stream) {
if(!in_array($stream['name'], $existingStreams)) addStream($stream['name'], $stream['source']);
}
$db->close();
return redirect_to('streams');
});
run();
//Auxiliary functions
function addStream($name, $source) {
shell_exec('scripts/add_vod.expect ' . $name . ' ' . $source );
$db = new SQlite3('streams.db');
$db->exec('INSERT INTO streams(name, source) VALUES("'. $db->escapeString($name) . '","' . $db->escapeString($source) . '")');
$db->close();
}
function getEnabledVODStreams($media, $searchTerm = '') {
$result = array();
foreach($media as $sName => $sParams) {
if($sParams['type'] == 'vod' && $sParams['enabled'] == 'yes') {
if($searchTerm == '' || strpos($sName, $searchTerm) !== false)
$result[] = $sName;
}
}
return $result;
}
function getAllMedia() {
$output = shell_exec("scripts/get_vodlist.expect");
$lines = explode("\r\n", $output);
$allMedia = array();
$currentKey = "";
//Assemble media information
foreach($lines as $l) {
if(preg_match('#^\s{8}(\w+)$#i',$l, $tokens)) {
$currentKey = $tokens[1];
$allMedia[$currentKey] = array();
}
else if(preg_match('#^\s{12}(\w+)\s\:\s(\w+)$#i',$l, $tokens)) $allMedia[$currentKey][$tokens[1]] = $tokens[2];
}
return $allMedia;
}