diff options
| author | Karl 'vollmerk' Vollmer <vollmer@ampache.org> | 2006-01-09 07:02:49 +0000 |
|---|---|---|
| committer | Karl 'vollmerk' Vollmer <vollmer@ampache.org> | 2006-01-09 07:02:49 +0000 |
| commit | 53e05bc90da0864e19eabdea083d32080dbaa283 (patch) | |
| tree | da54b0c181e9cb820ff98e5f8b6c974d568e504f | |
| parent | 6906bb43c6635ece5150c9abffe8e9bb16a03f6c (diff) | |
| download | ampache-53e05bc90da0864e19eabdea083d32080dbaa283.tar.gz ampache-53e05bc90da0864e19eabdea083d32080dbaa283.tar.bz2 ampache-53e05bc90da0864e19eabdea083d32080dbaa283.zip | |
final commit before beta1 release
34 files changed, 78 insertions, 142 deletions
diff --git a/docs/CHANGELOG b/docs/CHANGELOG index 8bec4031..982599bf 100755 --- a/docs/CHANGELOG +++ b/docs/CHANGELOG @@ -3,7 +3,8 @@ -------------------------------------------------------------------------- -------------------------------------------------------------------------- - v.3.3.2-Beta1 + v.3.3.2-Beta1 01/08/2006 + - Fixed lack of Access List check on download - Fixed Access List so that you can edit existing records - Fixed counting error when using the /bin/catalog_update.php.inc script diff --git a/download/index.php b/download/index.php index c04f1563..faf6d6fa 100644 --- a/download/index.php +++ b/download/index.php @@ -1,7 +1,7 @@ <?php /* - Copyright (c) 2001 - 2005 Ampache.org + Copyright (c) 2001 - 2006 Ampache.org All rights reserved. This program is free software; you can redistribute it and/or @@ -36,8 +36,21 @@ if (conf('demo_mode') || !$user->has_access('25')) { access_denied(); } +/* + If they are using access lists let's make sure + that they have enough access to play this mojo +*/ +if (conf('access_control')) { + $access = new Access(0); + if (!$access->check('50', $_SERVER['REMOTE_ADDR'])) { + if (conf('debug')) { + log_event($user->username,' access_denied ', "Download Access Denied, " . $_SERVER['REMOTE_ADDR'] . " does not have download level + } + access_denied(); + } +} // access_control is enabled if ($user->prefs['download']) { if ($_REQUEST['song_id']) { diff --git a/lib/stream.lib.php b/lib/stream.lib.php index 89ca52b4..4668ee92 100644 --- a/lib/stream.lib.php +++ b/lib/stream.lib.php @@ -236,6 +236,7 @@ function start_downsample($song,$now_playing_id=0,$song_name=0) { $song_file = escapeshellarg($song->file); + /* Replace Variables */ $downsample_command = conf($song->stream_cmd()); $downsample_command = str_replace("%FILE%",$song_file,$downsample_command); diff --git a/modules/init.php b/modules/init.php index 500a913d..81d3b728 100644 --- a/modules/init.php +++ b/modules/init.php @@ -83,7 +83,7 @@ if (!$results['conf']['allow_stream_playback']) { $results['conf']['raw_web_path'] = $results['conf']['web_path']; $results['conf']['web_path'] = $http_type . $_SERVER['HTTP_HOST'] . $results['conf']['web_path']; -$results['conf']['version'] = '3.3.2-Beta1 (Build 003)'; +$results['conf']['version'] = '3.3.2-Beta1'; $results['conf']['catalog_file_pattern']= 'mp3|mpc|m4p|m4a|mp4|aac|ogg|rm|wma|asf|flac|spx'; $results['libglue']['local_table'] = 'session'; $results['libglue']['local_sid'] = 'id'; diff --git a/play/index.php b/play/index.php index 05d04d63..01e37db7 100644 --- a/play/index.php +++ b/play/index.php @@ -1,7 +1,7 @@ <?php /* - Copyright (c) 2001 - 2005 Ampache.org + Copyright (c) 2001 - 2006 Ampache.org All rights reserved. This program is free software; you can redistribute it and/or @@ -32,10 +32,10 @@ require_once('../modules/init.php'); require_once(conf('prefix') . '/lib/Browser.php'); -/* These parameters has better come on the url. */ -$uid = htmlspecialchars($_REQUEST['uid']); -$song_id = htmlspecialchars($_REQUEST['song']); -$sid = htmlspecialchars($_REQUEST['sid']); +/* These parameters had better come in on the url. */ +$uid = scrub_out($_REQUEST['uid']); +$song_id = scrub_out($_REQUEST['song']); +$sid = scrub_out($_REQUEST['sid']); /* Misc Housework */ $dbh = dbh(); diff --git a/play/pupload.php b/play/pupload.php index e7de7a6c..df3a87a0 100644 --- a/play/pupload.php +++ b/play/pupload.php @@ -1,7 +1,7 @@ <?php
/*
- Copyright (c) 2001 - 2005 Ampache.org
+ Copyright (c) 2001 - 2006 Ampache.org
All rights reserved.
This program is free software; you can redistribute it and/or
diff --git a/templates/list_header.inc b/templates/list_header.inc index 658d0972..71410eac 100644 --- a/templates/list_header.inc +++ b/templates/list_header.inc @@ -1,7 +1,7 @@ <?php /* - Copyright (c) 2001 - 2005 Ampache.org + Copyright (c) 2001 - 2006 Ampache.org All rights reserved. This program is free software; you can redistribute it and/or diff --git a/templates/show_admin_index.inc b/templates/show_admin_index.inc index 210f438a..6bb01272 100644 --- a/templates/show_admin_index.inc +++ b/templates/show_admin_index.inc @@ -1,7 +1,7 @@ <?php /* - Copyright (c) 2001 - 2005 Ampache.org + Copyright (c) 2001 - 2006 Ampache.org All rights reserved. This program is free software; you can redistribute it and/or diff --git a/templates/show_album.inc b/templates/show_album.inc index 48dd44fd..136df4b8 100644 --- a/templates/show_album.inc +++ b/templates/show_album.inc @@ -1,7 +1,7 @@ <?php /* - Copyright (c) 2004 Ampache.org + Copyright (c) 2001 - 2006 Ampache.org All rights reserved. This program is free software; you can redistribute it and/or diff --git a/templates/show_all_popular.inc.php b/templates/show_all_popular.inc.php index 1b1c9987..486644b9 100644 --- a/templates/show_all_popular.inc.php +++ b/templates/show_all_popular.inc.php @@ -1,7 +1,7 @@ <?php /* - Copyright (c) 2001 - 2005 Ampache.org + Copyright (c) 2001 - 2006 Ampache.org All rights reserved. This program is free software; you can redistribute it and/or diff --git a/templates/show_all_recent.inc.php b/templates/show_all_recent.inc.php index 28339c89..076da614 100644 --- a/templates/show_all_recent.inc.php +++ b/templates/show_all_recent.inc.php @@ -1,7 +1,7 @@ <?php /* - Copyright (c) 2001 - 2005 Ampache.org + Copyright (c) 2001 - 2006 Ampache.org All rights reserved. This program is free software; you can redistribute it and/or diff --git a/templates/show_alphabet_form.inc.php b/templates/show_alphabet_form.inc.php index b5e83bd9..d5eb9fb2 100644 --- a/templates/show_alphabet_form.inc.php +++ b/templates/show_alphabet_form.inc.php @@ -1,7 +1,7 @@ <?php /* - Copyright (c) 2001 - 2005 Ampache.org + Copyright (c) 2001 - 2006 Ampache.org All rights reserved. This program is free software; you can redistribute it and/or @@ -19,20 +19,10 @@ Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ -/*! - @header - A template file - -*/ - ?> - <form name="f" method="get" action="<?php echo conf('web_path') . "/$action"; ?>" enctype="multipart/form-data"> <label for="match" accesskey="S"><?php echo $text; ?></label> <input type="text" size="3" id="match" name="match" value="<?php echo $match; ?>" /> <input type="hidden" name="action" value="match" /> </form> <br /> - - - diff --git a/templates/show_artists.inc b/templates/show_artists.inc index 5641c101..c3c6149f 100644 --- a/templates/show_artists.inc +++ b/templates/show_artists.inc @@ -1,7 +1,7 @@ <?php /* - Copyright (c) 2001 - 2005 Ampache.org + Copyright (c) 2001 - 2006 Ampache.org All rights reserved. This program is free software; you can redistribute it and/or diff --git a/templates/show_big_art.inc b/templates/show_big_art.inc index 7c52f4e3..9048d5b0 100644 --- a/templates/show_big_art.inc +++ b/templates/show_big_art.inc @@ -1,7 +1,7 @@ <?php /* - Copyright (c) 2001 - 2005 Ampache.org + Copyright (c) 2001 - 2006 Ampache.org All rights reserved. This program is free software; you can redistribute it and/or diff --git a/templates/show_box.inc b/templates/show_box.inc index 1d856458..f17cbe16 100644 --- a/templates/show_box.inc +++ b/templates/show_box.inc @@ -1,7 +1,7 @@ <?php /* - Copyright (c) 2004 Ampache.org + Copyright (c) 2001 - 2006 Ampache.org All rights reserved. This program is free software; you can redistribute it and/or @@ -19,14 +19,7 @@ Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ -/*! - @header - A template file - -*/ - ?> - <table class="border" cellspacing="1" cellpadding="3"> <tr align="center"> <td background="<?php echo conf('web_path'); ?>/images/ampache-light-bg.gif" bgcolor="#c0c0c0"><?php echo $title; ?></td> diff --git a/templates/show_browse_menu.inc b/templates/show_browse_menu.inc deleted file mode 100644 index bdef2e2a..00000000 --- a/templates/show_browse_menu.inc +++ /dev/null @@ -1,55 +0,0 @@ -<?php -/* - - Copyright (c) 2001 - 2005 Ampache.org - All rights reserved. - - This program is free software; you can redistribute it and/or - modify it under the terms of the GNU General Public License - as published by the Free Software Foundation; either version 2 - of the License, or (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. - -*/ - -/** - * Browse Menu - * This menu has all the different ways you can browse your ampache music collection - * This calls different options of the browse.php file - * @package Web Interface - * @catagory Browse - * @author Karl Vollmer - */ - -$web_path = conf('web_path'); - -$items = array( - _("Artists") => "$web_path/artists.php", - _("Albums") => "$web_path/albums.php", - _("Genre") => "$web_path/browse.php?action=genre", - ); - -?> -<ul id="adminmenu"> - - <?php - foreach ( array_keys($items) as $item ) { - if ( _($highlight) == $item ) { - echo "<li class=\"active\"><a class=\"active\" href=\"$items[$item]\">" . $item . "</a></li>\n"; - } - else { - echo "<li><a href=\"$items[$item]\">" . $item . "</a></li>\n"; - } - } - - ?> -</ul> -<br /> diff --git a/templates/show_confirm_action.inc.php b/templates/show_confirm_action.inc.php index 43d6ec60..bef0e8db 100644 --- a/templates/show_confirm_action.inc.php +++ b/templates/show_confirm_action.inc.php @@ -1,7 +1,7 @@ <?php /* - Copyright (c) 2001 - 2005 Ampache.org + Copyright (c) 2001 - 2006 Ampache.org All rights reserved. This program is free software; you can redistribute it and/or diff --git a/templates/show_confirmation.inc.php b/templates/show_confirmation.inc.php index 0268a081..b91227f4 100644 --- a/templates/show_confirmation.inc.php +++ b/templates/show_confirmation.inc.php @@ -1,7 +1,7 @@ <?php /* - Copyright (c) 2001 - 2005 Ampache.org + Copyright (c) 2001 - 2006 Ampache.org All rights reserved. This program is free software; you can redistribute it and/or diff --git a/templates/show_disabled_songs.inc b/templates/show_disabled_songs.inc index 6f40c082..92c7fc8f 100644 --- a/templates/show_disabled_songs.inc +++ b/templates/show_disabled_songs.inc @@ -1,7 +1,7 @@ <?php /* - Copyright (c) 2001 - 2005 Ampache.org + Copyright (c) 2001 - 2006 Ampache.org All rights reserved. This program is free software; you can redistribute it and/or @@ -18,13 +18,6 @@ along with this program; if not, write to the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ - -/*! - @header Disabled Songs - -*/ - - ?> <br /> <form name="songs" method="post" action="<?php echo conf('web_path'); ?>/admin/catalog.php" enctype="multipart/form-data" style="Display:inline"> diff --git a/templates/show_genre.inc.php b/templates/show_genre.inc.php index 6323a7a3..ce94912e 100644 --- a/templates/show_genre.inc.php +++ b/templates/show_genre.inc.php @@ -1,7 +1,7 @@ <?php /* - Copyright (c) 2001 - 2005 Ampache.org + Copyright (c) 2001 - 2006 Ampache.org All rights reserved. This program is free software; you can redistribute it and/or @@ -25,7 +25,6 @@ * albums/artists or songs */ ?> - <table class="text-box"> <tr> <td> diff --git a/templates/show_local_catalog_info.inc.php b/templates/show_local_catalog_info.inc.php index 080ccc64..abc0a139 100644 --- a/templates/show_local_catalog_info.inc.php +++ b/templates/show_local_catalog_info.inc.php @@ -1,6 +1,24 @@ <?php +/* + Copyright (c) 2001 - 2006 Ampache.org + All Rights Reserved + this program is free software; you can redistribute it and/or + modify it under the terms of the GNU General Public License + as published by the Free Software Foundation; either version 2 + of the License, or (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. + +*/ ?> <table width="100%" class="border" cellpadding="0" cellspacing="0"> <tr class="table-header"> diff --git a/templates/show_login_form.inc b/templates/show_login_form.inc index cc5d8bc2..c0076e4f 100644 --- a/templates/show_login_form.inc +++ b/templates/show_login_form.inc @@ -19,11 +19,6 @@ */ -/*! - @header Login Template -Login Template - -*/ $subject = "/ampache\.com/"; $referrer = $_SERVER['HTTP_REFERER']; diff --git a/templates/show_now_playing.inc b/templates/show_now_playing.inc index 7865327c..0569257d 100644 --- a/templates/show_now_playing.inc +++ b/templates/show_now_playing.inc @@ -1,7 +1,7 @@ <?php /* - Copyright (c) 2001 - 2005 Ampache.org + Copyright (c) 2001 - 2006 Ampache.org All rights reserved. This program is free software; you can redistribute it and/or @@ -19,16 +19,11 @@ Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ -/*! - @header Show Now Playing - -*/ - ?> <?php if (count($results)) { ?> <table class="border" cellspacing="1" cellpadding="3" border="0" width="100%"> <tr class="table-header"> - <td colspan="4"><?php echo _("Now Playing"); ?></td> + <td colspan="4"><?php echo _('Now Playing'); ?></td> </tr> <?php $user = $GLOBALS['user']; @@ -40,7 +35,7 @@ $album = $song->get_album_name(); $text = "$song->f_title"; if (!$np_user->fullname) { $np_user->fullname = "Unknown User"; } - if ($user->username == $np_user->username) + if ($GLOBALS['user']->username == $np_user->username) { $sql = "SELECT start_time FROM now_playing WHERE user ='".$user->username."'"; $db_results = mysql_query($sql, dbh()); @@ -55,9 +50,9 @@ if (conf('use_auth')) { echo "\t<td valign=\"middle\">$np_user->fullname</td>\n"; } - echo "\t<td><a title=\"" . htmlspecialchars($song->title) . "\" href=\"$web_path/song.php?action=m3u&song=$song->id\">$text</a></td>\n"; - echo "\t<td><a title=\"" . htmlspecialchars($song->f_artist) . "\" href=\"$web_path/artists.php?action=show&artist=$song->artist\">$song->f_artist</a> / "; - echo "\t<a title=\"" . htmlspecialchars($album) . "\" href=\"$web_path/albums.php?action=show&album=$song->album\">$song->f_album</a></td>"; + echo "\t<td><a title=\"" . scrub_out($song->title) . "\" href=\"$web_path/song.php?action=m3u&song=$song->id\">$text</a></td>\n"; + echo "\t<td><a title=\"" . scrub_out($song->f_artist) . "\" href=\"$web_path/artists.php?action=show&artist=$song->artist\">$song->f_artist</a> / "; + echo "\t<a title=\"" . scrub_out($album) . "\" href=\"$web_path/albums.php?action=show&album=$song->album\">$song->f_album</a></td>"; if (conf('play_album_art')) { echo "\t<td align=\"center\">"; $aa_url = conf('web_path') . "/albumart.php?id=" . $song->album . "&type=popup"; diff --git a/templates/show_random_play.inc b/templates/show_random_play.inc index dbddced2..1e7979b3 100644 --- a/templates/show_random_play.inc +++ b/templates/show_random_play.inc @@ -1,7 +1,7 @@ <?php /* - Copyright (c) 2001 - 2005 Ampache.org + Copyright (c) 2001 - 2006 Ampache.org All rights reserved. This program is free software; you can redistribute it and/or diff --git a/templates/show_rename_artist.inc.php b/templates/show_rename_artist.inc.php index 17ee4eda..ffa5b83f 100644 --- a/templates/show_rename_artist.inc.php +++ b/templates/show_rename_artist.inc.php @@ -1,7 +1,7 @@ <?php /* - Copyright (c) 2004 Ampache.org + Copyright (c) 2001 - 2006 Ampache.org All rights reserved. This program is free software; you can redistribute it and/or diff --git a/templates/show_search.inc b/templates/show_search.inc index fb526a74..0b11639d 100644 --- a/templates/show_search.inc +++ b/templates/show_search.inc @@ -1,7 +1,7 @@ <?php /* - Copyright (c) 2001 - 2005 Ampache.org + Copyright (c) 2001 - 2006 Ampache.org All rights reserved. This program is free software; you can redistribute it and/or diff --git a/templates/show_search_bar.inc b/templates/show_search_bar.inc index a1d0c92a..0e82f0a7 100644 --- a/templates/show_search_bar.inc +++ b/templates/show_search_bar.inc @@ -1,7 +1,7 @@ <?php /* - Copyright (c) 2001 - 2005 Ampache.org + Copyright (c) 2001 - 2006 Ampache.org All rights reserved. This program is free software; you can redistribute it and/or @@ -19,26 +19,16 @@ Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ - - -/*! - @header search template - @discussion This is the template for the searches... amazing! - - 7/16/05 Do it in smaller bar format - sigger - -*/ - ?> <form name="search" method="post" action="<?php echo conf('web_path'); ?>/search.php" enctype="multipart/form-data" style="Display:inline"> <table class="tabledata" cellspacing="0" cellpadding="3" border="0" style="clear:both;" width="100%"> <tr class="table-header"> - <td colspan="4"><b><?php echo _("Search Ampache"); ?>...</b></td> + <td colspan="4"><b><?php echo _('Search Ampache'); ?>...</b></td> </tr> <tr class="<?php echo flip_class(); ?>"> - <td><input type="text" name="search_string" value="<?php echo $_REQUEST['search_string']; ?>" /></td> + <td><input type="text" name="search_string" value="<?php echo scrub_out($_REQUEST['search_string']); ?>" /></td> <td> - <input class="button" type="submit" value="<?php echo _("Search"); ; ?>" /> + <input class="button" type="submit" value="<?php echo _('Search'); ; ?>" /> <input type="hidden" name="action" value="quick_search" /> <input type="hidden" name="method" value="fuzzy" /> <input type="hidden" name="object_type" value="song" /> diff --git a/templates/show_test.inc b/templates/show_test.inc index 6f64448f..569dcc35 100644 --- a/templates/show_test.inc +++ b/templates/show_test.inc @@ -1,6 +1,9 @@ <?php /* + Copyright (c) 2001 - 2006 Ampache.org + All Rights Reserved + this program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 diff --git a/templates/show_upload.inc b/templates/show_upload.inc index 99569038..04d4f2ed 100644 --- a/templates/show_upload.inc +++ b/templates/show_upload.inc @@ -1,7 +1,7 @@ <?php /* - Copyright (c) 2001 - 2005 Ampache.org + Copyright (c) 2001 - 2006 Ampache.org All rights reserved. *Created by Lamar* diff --git a/templates/show_uploads.inc b/templates/show_uploads.inc index bc1d74f8..e43d365e 100644 --- a/templates/show_uploads.inc +++ b/templates/show_uploads.inc @@ -1,7 +1,7 @@ <?php /* - Copyright (c) 2001 - 2005 Ampache.org + Copyright (c) 2001 - 2006 Ampache.org All rights reserved. *Created by Rosensama* diff --git a/templates/show_users.inc b/templates/show_users.inc index 7331bb79..f8677da1 100644 --- a/templates/show_users.inc +++ b/templates/show_users.inc @@ -1,7 +1,7 @@ <?php /* - Copyright (c) 2004 Ampache.org + Copyright (c) 2001 - 2006 Ampache.org All rights reserved. This program is free software; you can redistribute it and/or diff --git a/templates/song_edit.inc b/templates/song_edit.inc index 5c651e3f..eb6179d7 100644 --- a/templates/song_edit.inc +++ b/templates/song_edit.inc @@ -1,7 +1,7 @@ <?php /* - Copyright (c) 2004 Ampache.org + Copyright (c) 2001 - 2006 Ampache.org All rights reserved. This program is free software; you can redistribute it and/or @@ -20,7 +20,7 @@ */ preg_match("/^.*\/(.*?)$/",$song->file, $short); -$filename = htmlspecialchars($short[1]); +$filename = scrub_out($short[1]); $target = conf('web_path').'/admin/flags.php'; ?> diff --git a/templates/style.inc b/templates/style.inc index 0019e87b..2c29d1b9 100644 --- a/templates/style.inc +++ b/templates/style.inc @@ -1,7 +1,7 @@ <?php /* - Copyright (c) 2001 - 2005 Ampache.org + Copyright (c) 2001 - 2006 Ampache.org All rights reserved. This program is free software; you can redistribute it and/or diff --git a/templates/tool_box.inc b/templates/tool_box.inc index 1433a4c8..2f0f5fe6 100644 --- a/templates/tool_box.inc +++ b/templates/tool_box.inc @@ -1,7 +1,7 @@ <?php /* - Copyright (c) 2001 - 2005 Ampache.org + Copyright (c) 2001 - 2006 Ampache.org All rights reserved. This program is free software; you can redistribute it and/or |