Play images and video from Synology PhotoStation server

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188
  1. <?php
  2. /* Copyright (c) 2000-2012 Synology Inc. All rights reserved. */
  3. require_once('WebAPI.inc.php');
  4. require_once('WebAPIUtil.php');
  5. abstract class WebAPI {
  6. private $apiDesc;
  7. private $resp;
  8. private $error;
  9. private $headerSent = false;
  10. protected $api;
  11. protected $method;
  12. protected $version;
  13. protected $idPrefix;
  14. function __construct($apiDescFilePath) {
  15. if (!file_exists($apiDescFilePath)) {
  16. WebAPIUtil::Log("api desc not found. path=$apiDescFilePath", basename(__FILE__), __LINE__);
  17. $this->apiDesc = NULL;
  18. goto End;
  19. }
  20. $jsonString = file_get_contents($apiDescFilePath);
  21. $this->apiDesc = json_decode($jsonString, true);
  22. End:
  23. return;
  24. }
  25. private function CheckRequestParam($api, $method, $version) {
  26. $ret = false;
  27. $apiDesc = $this->apiDesc[$api];
  28. $minVersion = 0;
  29. $maxVersion = 0;
  30. if (NULL === $apiDesc) {
  31. $this->SetError(WEBAPI_ERR_NO_SUCH_API);
  32. goto End;
  33. }
  34. if (!is_int($version) && !ctype_digit($version)) {
  35. $this->SetError(WEBAPI_ERR_BAD_REQUEST);
  36. goto End;
  37. }
  38. if (!isset($apiDesc[SZK_API_MIN_VERSION]) || !isset($apiDesc[SZK_API_MAX_VERSION])) {
  39. WebAPIUtil::Log("Bad API desc. api=$api", basename(__FILE__), __LINE__);
  40. $this->SetError(WEBAPI_ERR_NO_SUCH_API);
  41. goto End;
  42. }
  43. $minVersion = $apiDesc[SZK_API_MIN_VERSION];
  44. $maxVersion = $apiDesc[SZK_API_MAX_VERSION];
  45. if ($version < $minVersion || $maxVersion < $version) {
  46. $this->SetError(WEBAPI_ERR_NOT_SUPPORTED_VERSION);
  47. goto End;
  48. }
  49. if (!in_array($method, $apiDesc[SZK_API_METHODS][$version])) {
  50. $this->SetError(WEBAPI_ERR_NO_SUCH_METHOD);
  51. goto End;
  52. }
  53. $this->api = $api;
  54. $this->method = $method;
  55. $this->version = $version;
  56. $ret = true;
  57. End:
  58. return $ret;
  59. }
  60. protected function OutputSingleSpace() {
  61. // this function is for connection abort detection
  62. // PHP will not detect that the user has aborted the connection until an attempt is made to send information to the client.
  63. // http://www.php.net/manual/en/function.ignore-user-abort.php
  64. if (!$this->headerSent) {
  65. $this->headerSent = true;
  66. header('Content-type: text/plain; charset=utf-8');
  67. }
  68. echo ' ';
  69. ob_flush();
  70. flush();
  71. }
  72. private function OutputResponse() {
  73. $resp = array();
  74. if (WEBAPI_ERR_NONE != $this->error) {
  75. $resp[SZK_RESP_SUCCESS] = false;
  76. $resp[SZK_RESP_ERROR][SZK_RESP_ERROR_CODE] = $this->error;
  77. goto End;
  78. }
  79. $resp[SZK_RESP_SUCCESS] = true;
  80. if (!is_null($this->resp)) {
  81. $resp[SZK_RESP_DATA] = $this->resp;
  82. }
  83. End:
  84. if (!$this->headerSent) {
  85. $this->headerSent = true;
  86. header('Content-type: text/plain; charset=utf-8');
  87. }
  88. echo(json_encode($resp));
  89. //echo json_encode($resp, JSON_UNESCAPED_UNICODE);
  90. // transform from unicode back to utf8
  91. //echo preg_replace("#\\\u([0-9a-f]{4}+)#ie", "iconv('UCS-2', 'UTF-8', pack('H4', '\\1'))", json_encode($resp));
  92. }
  93. private function CheckSessionTimeout() {
  94. $timeout = false;
  95. if (isset($_REQUEST['ps_username']) && $_REQUEST['ps_username'] !== "") {
  96. if (isset($_SESSION[SYNOPHOTO_ADMIN_USER]['reg_syno_user'])) {
  97. if ($_REQUEST['ps_username'] !== $_SESSION[SYNOPHOTO_ADMIN_USER]['reg_syno_user']) {
  98. $timeout = true;
  99. }
  100. } else {
  101. if (!isset($_SESSION[SYNOPHOTO_ADMIN_USER]['admin_syno_user']) || !($_REQUEST['ps_username'] === 'admin' && SYNOPHOTO_ADMIN_USER === 'root' || $_REQUEST['ps_username'] === substr(SYNOPHOTO_ADMIN_USER, 1))) {
  102. $timeout = true;
  103. }
  104. }
  105. }
  106. return $timeout;
  107. }
  108. protected function CheckPermission() {
  109. return true;
  110. }
  111. abstract protected function Process();
  112. protected function EncodeItemId($id, $prefix = '') {
  113. $idPrefix = $prefix ? $prefix : $this->idPrefix;
  114. return $idPrefix.bin2hex($id);
  115. }
  116. protected function DecodeItemId($id, $prefix = '')
  117. {
  118. $idPrefix = $prefix ? $prefix : $this->idPrefix;
  119. $arr = explode($idPrefix, $id);
  120. if (2 !== count($arr)) {
  121. return false;
  122. }
  123. return @pack('H*', $arr[1]);
  124. }
  125. protected function SetResponse($resp) {
  126. $this->resp = $resp;
  127. $this->error = WEBAPI_ERR_NONE;
  128. }
  129. protected function SetError($error) {
  130. $this->resp = NULL;
  131. $this->error = $error;
  132. }
  133. public function Run() {
  134. if (!isset($_REQUEST[SZK_PARAM_API]) || !isset($_REQUEST[SZK_PARAM_METHOD]) || !isset($_REQUEST[SZK_PARAM_VERSION])) {
  135. $this->SetError(WEBAPI_ERR_BAD_REQUEST);
  136. goto End;
  137. }
  138. if ($this->CheckSessionTimeout()) {
  139. header('x-request-error: error_timeout');
  140. goto End;
  141. }
  142. $api = $_REQUEST[SZK_PARAM_API];
  143. $method = $_REQUEST[SZK_PARAM_METHOD];
  144. $version = $_REQUEST[SZK_PARAM_VERSION];
  145. if (!$this->CheckRequestParam($api, $method, $version)) {
  146. goto End;
  147. }
  148. if (!$this->CheckPermission()) {
  149. goto End;
  150. }
  151. $this->Process();
  152. End:
  153. $this->OutputResponse();
  154. return;
  155. }
  156. }
  157. ?>