diff options
| author | Karl 'vollmerk' Vollmer <vollmer@ampache.org> | 2007-11-21 18:26:00 +0000 |
|---|---|---|
| committer | Karl 'vollmerk' Vollmer <vollmer@ampache.org> | 2007-11-21 18:26:00 +0000 |
| commit | 090d4f6899a456a535d392a93fdfddb6d2263f13 (patch) | |
| tree | f895b16856a6b1e72628f90040a69426314b8351 | |
| parent | 9ded189f8c466838c4a1913126383ee21061e102 (diff) | |
| download | ampache-090d4f6899a456a535d392a93fdfddb6d2263f13.tar.gz ampache-090d4f6899a456a535d392a93fdfddb6d2263f13.tar.bz2 ampache-090d4f6899a456a535d392a93fdfddb6d2263f13.zip | |
some temporary tweaks to make the whole amarok thing work, will be tweaking this as it is currently slightly insecure
| -rw-r--r-- | lib/class/song.class.php | 2 | ||||
| -rw-r--r-- | lib/class/user.class.php | 26 | ||||
| -rw-r--r-- | lib/class/xmldata.class.php | 2 | ||||
| -rw-r--r-- | play/index.php | 1 |
4 files changed, 21 insertions, 10 deletions
diff --git a/lib/class/song.class.php b/lib/class/song.class.php index e912e511..8cc89308 100644 --- a/lib/class/song.class.php +++ b/lib/class/song.class.php @@ -784,7 +784,7 @@ class Song { function get_url($session_id='',$force_http='') { /* Define Variables we are going to need */ - $user_id = scrub_out($GLOBALS['user']->id); + $user_id = $GLOBALS['user']->id ? scrub_out($GLOBALS['user']->id) : '-1'; $song_id = $this->id; if (Config::get('require_session')) { diff --git a/lib/class/user.class.php b/lib/class/user.class.php index 2fc8412e..4708d1c2 100644 --- a/lib/class/user.class.php +++ b/lib/class/user.class.php @@ -70,13 +70,23 @@ class User { */ private function _get_info() { + // If the ID is -1 then + if ($this->id == '-1') { + $data['username'] = 'System'; + $data['fullname'] = 'Ampache User'; + $data['access'] = '25'; + return $data; + } + + // Else... $id = Dba::escape($this->id); $sql = "SELECT * FROM `user` WHERE `id`='" . $id . "'"; - $db_results = Dba::query($sql); - return Dba::fetch_assoc($db_results); + $data = Dba::fetch_assoc($db_results); + + return $data; } // _get_info @@ -312,15 +322,15 @@ class User { } // is_logged_in - /*! - @function has_access - @discussion this function checkes to see if this user has access - to the passed action (pass a level requirement) - */ + /** + * has_access + * this function checkes to see if this user has access + * to the passed action (pass a level requirement) + */ function has_access($needed_level) { if (!Config::get('use_auth') || Config::get('demo_mode')) { return true; } - + if ($this->access >= $needed_level) { return true; } return false; diff --git a/lib/class/xmldata.class.php b/lib/class/xmldata.class.php index ea5fb9bd..c9d49a3f 100644 --- a/lib/class/xmldata.class.php +++ b/lib/class/xmldata.class.php @@ -116,7 +116,7 @@ class xmlData { $string .= "\t<artist id=\"0\"><![CDATA[Various]]></artist>\n"; } else { - $string .= "\t<artist id=\"$album->artist\"><![CDATA[$album->artist_name]]></artist>\n"; + $string .= "\t<artist id=\"$album->artist_id\"><![CDATA[$album->artist_name]]></artist>\n"; } $string .= "\t<year>$album->year</year>\n" . diff --git a/play/index.php b/play/index.php index 1efd36ef..7577b396 100644 --- a/play/index.php +++ b/play/index.php @@ -92,6 +92,7 @@ $user->update_last_seen(); if (Config::get('demo_mode') || (!$GLOBALS['user']->has_access('25') && !$xml_rpc) ) { debug_event('access_denied',"Streaming Access Denied:" .Config::get('demo_mode') . "is the value of demo_mode. Current user level is " . $GLOBALS['user']->access,'3'); access_denied(); + exit; } /* |