diff options
| author | Karl 'vollmerk' Vollmer <vollmer@ampache.org> | 2005-07-09 07:49:59 +0000 |
|---|---|---|
| committer | Karl 'vollmerk' Vollmer <vollmer@ampache.org> | 2005-07-09 07:49:59 +0000 |
| commit | c5d6e04d114d3c4b3f31743ccd0d4a60c9ef9632 (patch) | |
| tree | bc3196cb97d63079013ebfc5b183d2038ee7c9e7 | |
| parent | c9170314af9139abef87629d218c7999bd3c8df3 (diff) | |
| download | ampache-c5d6e04d114d3c4b3f31743ccd0d4a60c9ef9632.tar.gz ampache-c5d6e04d114d3c4b3f31743ccd0d4a60c9ef9632.tar.bz2 ampache-c5d6e04d114d3c4b3f31743ccd0d4a60c9ef9632.zip | |
removed ID field from user table, and everything that goes with that...
| -rw-r--r-- | admin/mail.php | 22 | ||||
| -rw-r--r-- | admin/preferences.php | 21 | ||||
| -rw-r--r-- | admin/users.php | 8 | ||||
| -rw-r--r-- | amp-mpd.php | 4 | ||||
| -rw-r--r-- | lib/class/catalog.class.php | 58 | ||||
| -rw-r--r-- | lib/class/playlist.class.php | 16 | ||||
| -rw-r--r-- | lib/class/stream.class.php | 2 | ||||
| -rw-r--r-- | lib/class/update.class.php | 26 | ||||
| -rw-r--r-- | lib/class/user.class.php | 148 | ||||
| -rw-r--r-- | lib/flag.php | 8 | ||||
| -rw-r--r-- | lib/general.lib.php | 2 | ||||
| -rw-r--r-- | lib/mpd.php | 6 | ||||
| -rw-r--r-- | lib/preferences.php | 18 | ||||
| -rw-r--r-- | lib/ui.lib.php | 4 | ||||
| -rw-r--r-- | lib/xmlrpc.php | 2 | ||||
| -rw-r--r-- | modules/admin.php | 4 | ||||
| -rw-r--r-- | modules/init.php | 7 | ||||
| -rw-r--r-- | modules/lib.php | 26 | ||||
| -rw-r--r-- | play/index.php | 11 | ||||
| -rw-r--r-- | play/pupload.php | 8 | ||||
| -rw-r--r-- | playlist.php | 8 | ||||
| -rw-r--r-- | preferences.php | 2 | ||||
| -rw-r--r-- | song.php | 2 | ||||
| -rw-r--r-- | stats.php | 2 | ||||
| -rw-r--r-- | templates/show_songs.inc | 8 | ||||
| -rw-r--r-- | templates/show_users.inc | 2 | ||||
| -rw-r--r-- | templates/userform.inc | 1 | ||||
| -rw-r--r-- | upload.php | 4 |
28 files changed, 241 insertions, 189 deletions
diff --git a/admin/mail.php b/admin/mail.php index 78d257a8..2d5a0802 100644 --- a/admin/mail.php +++ b/admin/mail.php @@ -39,17 +39,17 @@ $subject = stripslashes(scrub_in($_POST['subject'])); $message = stripslashes(scrub_in($_POST['message'])); if ( $action == 'send_mail' && !conf('demo_mode')) { - $user = new User(0,$_SESSION['userdata']['id']); - // do the mail mojo here - if ( $to == 'all' ) { - $sql = "SELECT * FROM user WHERE email IS NOT NULL"; - } - elseif ( $to == 'users' ) { - $sql = "SELECT * FROM user WHERE access='users' AND email IS NOT NULL"; - } - elseif ( $to == 'admins' ) { - $sql = "SELECT * FROM user WHERE access='admin' AND email IS NOT NULL"; - } + $user = $GLOBALS['user']; + // do the mail mojo here + if ( $to == 'all' ) { + $sql = "SELECT * FROM user WHERE email IS NOT NULL"; + } + elseif ( $to == 'users' ) { + $sql = "SELECT * FROM user WHERE access='users' OR access='25' AND email IS NOT NULL"; + } + elseif ( $to == 'admins' ) { + $sql = "SELECT * FROM user WHERE access='admin' OR access='100' AND email IS NOT NULL"; + } $db_result = mysql_query($sql, dbh()); diff --git a/admin/preferences.php b/admin/preferences.php index ba381f44..c83f690e 100644 --- a/admin/preferences.php +++ b/admin/preferences.php @@ -20,12 +20,14 @@ */ -/*! - @header Preferences page - Preferences page for whole site, and where - the admins do editing of other users preferences - -*/ +/** + * Preferences page + * Preferences page for whole site, and where + * the admins do editing of other users preferences + * @package Preferences + * @catagory Admin + * @author Karl Vollmer + */ require('../modules/init.php'); @@ -40,8 +42,7 @@ $user_id = intval(scrub_in($_REQUEST['user_id'])); switch(scrub_in($_REQUEST['action'])) { case 'user': - $temp_user = new User(0,$user_id); - $user_id = $temp_user->id; + $temp_user = new User($user_id); $fullname = "ADMIN - " . $temp_user->fullname; $preferences = $temp_user->get_preferences(); break; @@ -49,7 +50,7 @@ switch(scrub_in($_REQUEST['action'])) { if (conf('demo_mode')) { break; } update_preferences($user_id); if ($user_id != '0') { - $temp_user = new User(0,$user_id); + $temp_user = new User($user_id); $fullname = "ADMIN - " . $temp_user->fullname; $preferences = $temp_user->get_preferences(); } @@ -58,7 +59,7 @@ switch(scrub_in($_REQUEST['action'])) { } break; case 'fix_preferences': - $temp_user = new User(0,$user_id); + $temp_user = new User($user_id); $temp_user->fix_preferences(); $preferences = $temp_user->get_preferences(); break; diff --git a/admin/users.php b/admin/users.php index fddf5333..c42c0844 100644 --- a/admin/users.php +++ b/admin/users.php @@ -49,8 +49,7 @@ $temp_user = new User($user_id); switch ($action) { case 'edit': if (conf('demo_mode')) { break; } - show_user_form($temp_user->id, - $temp_user->username, + show_user_form($temp_user->username, $temp_user->fullname, $temp_user->email, $temp_user->access, @@ -82,8 +81,7 @@ switch ($action) { /* If we've got an error then break! */ if ($GLOBALS['error']->error_state) { - show_user_form($temp_user->id, - $thisuser->username, + show_user_form($thisuser->username, $thisuser->fullname, $thisuser->email, $thisuser->access, @@ -152,7 +150,7 @@ switch ($action) { break; case 'show_add_user': if (conf('demo_mode')) { break; } - show_user_form('','','','','','new_user',''); + show_user_form('','','','','new_user',''); break; case 'update': diff --git a/amp-mpd.php b/amp-mpd.php index c77f8ef8..bc4d59f0 100644 --- a/amp-mpd.php +++ b/amp-mpd.php @@ -147,8 +147,8 @@ else { if (!$user->has_access(25)) { break; } $condPL = (conf('condPL')==1 ? 0 : 1); conf(array('condPL' => $condPL),1); - $db_results = mysql_query("UPDATE user_preference, preferences SET user_preference.value='$condPL' ". - "WHERE preferences.name='condPL' AND preferences.id=user_preference.preference AND user ='$user->id'", dbh()); + $pref_id = get_preference_id('condPL'); + $user->update_preference($pref_id,$condPL); mpd_redirect(); break; case "crop": diff --git a/lib/class/catalog.class.php b/lib/class/catalog.class.php index b8907d0a..01ca1a6f 100644 --- a/lib/class/catalog.class.php +++ b/lib/class/catalog.class.php @@ -891,19 +891,26 @@ class Catalog { } // add_to_catalog - /*! - @function get_remote_catalog - @discussion get a remote catalog and runs update if needed - */ + /** + * get_remote_catalog + * get a remote catalog and runs update if needed + * @package XMLRPC + * @catagory Client + * @author Karl Vollmer + * @todo Add support for something besides port 80 + * @todo Add a Pub/Private Key swap in here for extra security + */ function get_remote_catalog($type=0) { + /* Make sure the xmlrpc lib is loaded */ if (!class_exists('xmlrpc_client')) { if (conf('debug')) { log_event($_SESSION['userdata']['username'],'xmlrpc',"Unable to load XMLRPC library"); } echo "<font class=\"error\"><b>" . _("Error") . "</b>: " . _("Unable to load XMLRPC library, make sure XML-RPC is enabled") . "<br />\n"; return false; - } + } // end check for class // first, glean out the information from the path about the server and remote path + // this can't contain the http preg_match("/http:\/\/([^\/]+)\/*(.*)/", $this->path, $match); $server = $match[1]; $path = $match[2]; @@ -914,30 +921,40 @@ class Catalog { else { $client = new xmlrpc_client("/$path/server.php", $server, 80); } - - $f = new xmlrpcmsg('remote_server_query', array(new xmlrpcval( conf('web_path'), "string")) ); - //if (conf('debug')) { $client->setDebug(1); } - $response = $client->send($f); + + $f = new xmlrpcmsg('remote_server_query', array(new xmlrpcval( conf('web_path'), "string")) ); + + if (conf('debug')) { $client->setDebug(1); } + + $response = $client->send($f,30); $value = $response->value(); if ( !$response->faultCode() ) { $data = php_xmlrpc_decode($value); // Print out the catalogs we are going to sync - //FIXME: We should add catalog level access control foreach ($data as $vars) { - $catalog_name = $vars[0]; - print("<b>Reading Remote Catalog: $catalog_name</b> [$this->path]<br />\n"); + $catalog_name = $vars[0]; + $count = $vars[1]; + print("<b>Reading Remote Catalog: $catalog_name ($count Songs)</b> [$this->path]<br />\n"); } - } + // Flush the output + flush(); + + } // if we didn't get an error else { $error_msg = _("Error connecting to") . " " . $server . " " . _("Code") . ": " . $response->faultCode() . " " . _("Reason") . ": " . $response->faultString(); - log_event($_SESSION['userdata']['username'],'xmlrpc',$error_msg); + if (conf('debug')) { log_event($_SESSION['userdata']['username'],'xmlrpc',$error_msg); } echo "<p class=\"error\">$error_msg</p>"; return; } - $f = new xmlrpcmsg('remote_song_query', array(new xmlrpcval( 'song', "string")) ); + $f = new xmlrpcmsg('remote_song_query'); + + /* Depending upon the size of the target catalog this can be a very slow/long process */ + set_time_limit(0); + + // No Timeout on this one because it can be flipping huge $response = $client->send($f); $value = $response->value(); @@ -956,10 +973,13 @@ class Catalog { } // get_remote_catalog - /*! - @function update_remote_catalog - @discussion actually updates from the remote data - */ + /** + * update_remote_catalog + * actually updates from the remote data, takes an array of songs that are base64 encoded and parses them + * @package XMLRPC + * @catagory Client + * @todo This should be based off of seralize + */ function update_remote_catalog($songs,$root_path) { global $settings, $dbh, $artists; diff --git a/lib/class/playlist.class.php b/lib/class/playlist.class.php index 130537af..b17eadc6 100644 --- a/lib/class/playlist.class.php +++ b/lib/class/playlist.class.php @@ -30,7 +30,7 @@ class Playlist { // Variables from DB var $id; var $name; - var $owner; + var $user; var $type; var $time; var $items; @@ -64,13 +64,13 @@ class Playlist { $dbh = dbh(); if ($this->id) { - $sql = "SELECT name, owner, type, date FROM playlist" . + $sql = "SELECT name, user, type, date FROM playlist" . " WHERE id = '$this->id'"; $db_results = mysql_query($sql, $dbh); if ($r = mysql_fetch_object($db_results)) { $this->name = $r->name; - $this->owner = $r->owner; + $this->user = $r->user; $this->type = $r->type; $this->time = $r->date; $this->items = array(); @@ -96,17 +96,17 @@ class Playlist { /*! @function create_playlist - @discussion Creates an empty playlist, given a name, owner_id, and type. + @discussion Creates an empty playlist, given a name, user_id, and type. */ - function create_playlist($name, $owner_id, $type) { + function create_playlist($name, $user, $type) { $dbh = dbh(); - if (isset($name) && isset($owner_id) && isset($type) && $this->check_type($type)) { + if (isset($name) && isset($user) && isset($type) && $this->check_type($type)) { $name = sql_escape($name); $sql = "INSERT INTO playlist" . - " (name, owner, type)" . - " VALUES ('$name', '$owner_id', '$type')"; + " (name, user, type)" . + " VALUES ('$name', '$user', '$type')"; $db_results = mysql_query($sql, $dbh); if ($this->id = mysql_insert_id($dbh)) { $this->refresh_object(); diff --git a/lib/class/stream.class.php b/lib/class/stream.class.php index 999dcbca..d550366c 100644 --- a/lib/class/stream.class.php +++ b/lib/class/stream.class.php @@ -49,7 +49,7 @@ class Stream { } $this->sess = session_id(); - $this->user_id = $_SESSION['userdata']['id']; + $this->user_id = $_SESSION['userdata']['username']; } //constructor diff --git a/lib/class/update.class.php b/lib/class/update.class.php index 5612eb0d..f077daef 100644 --- a/lib/class/update.class.php +++ b/lib/class/update.class.php @@ -229,13 +229,13 @@ class Update { $version[] = array('version' => '332001', 'description' => $update_string); - return $version; - $update_string = "- Removed every Instance of User->ID *Note* This update clears Now Playing.<br />" . "- Added field allowing for Dynamic Playlists.<br />" . "- Added required table/fields for security related IP Tracking.<br />"; - //$version[] = array('version' => '332002', 'description' => $update_string); + $version[] = array('version' => '332002', 'description' => $update_string); + + return $version; } // populate_version @@ -960,8 +960,18 @@ class Update { function update_332002() { -// $sql = "CREATE TABLE `ip_history` (`username` VARCHAR(128), `ip` INT(11) UNSIGNED NOT NULL DEFAULT '0', " . -// "`connections` INT(11) UNSIGNED NOT NULL DEFAULT '1', `date` INT(11) UNSIGNED NOT NULL DEFAULT '0')"; + $sql = "CREATE TABLE `ip_history` (`username` VARCHAR(128), `ip` INT(11) UNSIGNED NOT NULL DEFAULT '0', " . + "`connections` INT(11) UNSIGNED NOT NULL DEFAULT '1', `date` INT(11) UNSIGNED NOT NULL DEFAULT '0')"; + $db_results = mysql_query($sql, dbh()); + + $sql = "ALTER TABLE `ip_history` ADD INDEX ( `username` )"; + $db_results = mysql_query($sql, dbh()); + + $sql = "ALTER TABLE `ip_history` ADD INDEX ( `date` )"; + $db_results = mysql_query($sql, dbh()); + + $sql = "ALTER TABLE `session` ADD `ip` INT( 11 ) UNSIGNED AFTER `value`"; + $db_results = mysql_query($sql, dbh()); $sql = "ALTER TABLE `object_count` CHANGE `object_type` `object_type` ENUM( 'album', 'artist', 'song', 'playlist', 'genre', 'catalog' ) NOT NULL DEFAULT 'song'"; $db_results = mysql_query($sql, dbh()); @@ -982,10 +992,10 @@ class Update { } /* It's time for some serious DB Clean Up. Nuke this stuff from Orbit! */ - $sql = "ALTER TABLE `catalog DROP `private`"; + $sql = "ALTER TABLE `catalog` DROP `private`"; $db_results = mysql_query($sql, dbh()); - $sql = "ALTER TABLE `catalog` CHANGE `enabled` `enabled` TINYINT UNSIGNED NOT NULL DEFAULT '1'"; + $sql = "ALTER TABLE `catalog` CHANGE `enabled` `enabled` TINYINT ( 1 ) UNSIGNED NOT NULL DEFAULT '1'"; $db_results = mysql_query($sql, dbh()); /* @@ -1158,6 +1168,8 @@ class Update { $sql = "ALTER TABLE `user` DROP `id`"; $db_results = mysql_query($sql, dbh()); + $this->set_version('db_version', '332002'); + } // update_332002 diff --git a/lib/class/user.class.php b/lib/class/user.class.php index c3736c78..70271e41 100644 --- a/lib/class/user.class.php +++ b/lib/class/user.class.php @@ -30,7 +30,6 @@ class User { //Basic Componets var $username; - var $id=0; var $fullname; var $access; var $disabled; @@ -38,18 +37,15 @@ class User { var $email; var $last_seen; - function User($username=0,$uid=0) { + function User($username=0) { - if (!$username && !$uid) { + if (!$username) { return true; } $this->username = $username; - $this->id = $uid; $info = $this->get_info(); $this->username = $info->username; - $this->id = $info->id; - $this->id = $info->id; $this->fullname = $info->fullname; $this->access = $info->access; $this->disabled = $info->disabled; @@ -70,12 +66,8 @@ class User { */ function get_info() { - if ($this->username) { - $sql = "SELECT * FROM user WHERE username='$this->username'"; - } - else { - $sql = "SELECT * FROM user WHERE id='$this->id'"; - } + $sql = "SELECT * FROM user WHERE username='$this->username'"; + $db_results = mysql_query($sql, dbh()); return mysql_fetch_object($db_results); @@ -89,7 +81,8 @@ class User { */ function get_preferences() { - $sql = "SELECT preferences.name, preferences.description, preferences.type, user_preference.value FROM preferences,user_preference WHERE user_preference.user='$this->id' AND user_preference.preference=preferences.id AND preferences.type='user'"; + $sql = "SELECT preferences.name, preferences.description, preferences.type, user_preference.value FROM preferences,user_preference " . + "WHERE user_preference.user='$this->username' AND user_preference.preference=preferences.id AND preferences.type='user'"; $db_results = mysql_query($sql, dbh()); while ($r = mysql_fetch_object($db_results)) { @@ -107,7 +100,7 @@ class User { */ function set_preferences() { - $sql = "SELECT preferences.name,user_preference.value FROM preferences,user_preference WHERE user_preference.user='$this->id' " . + $sql = "SELECT preferences.name,user_preference.value FROM preferences,user_preference WHERE user_preference.user='$this->username' " . "AND user_preference.preference=preferences.id AND preferences.type='user'"; $db_results = mysql_query($sql, dbh()); @@ -126,7 +119,7 @@ class User { $sql = "SELECT * FROM object_count" . " WHERE count > 0" . " AND object_type = '$type'" . - " AND userid = '" . $this->id . "'" . + " AND userid = '" . $this->username . "'" . " ORDER BY count DESC LIMIT " . conf('popular_threshold'); $db_result = mysql_query($sql, dbh()); @@ -189,7 +182,7 @@ class User { */ function is_logged_in() { - $sql = "SELECT id FROM session WHERE username='$this->id'" . + $sql = "SELECT id FROM session WHERE username='$this->username'" . " AND expire > ". time(); $db_results = mysql_query($sql,dbh()); @@ -220,37 +213,40 @@ class User { } // has_access - /*! - @function update_preference - @discussion updates a single preference if the query fails - it attempts to insert the preference instead - */ - function update_preference($preference_id, $value, $id=0) { - - if (!$id) { - $id = $this->id; - } + /** + * update_preference + * updates a single preference if the query fails + * it attempts to insert the preference instead + * @package User + * @catagory Class + * @todo Do a has_preference_access check + */ + function update_preference($preference_id, $value, $username=0) { + + if (!$username) { + $username = $this->username; + } $value = sql_escape($value); - //FIXME: - // Do a has_access check here... + $sql = "UPDATE user_preference SET value='$value' WHERE user='$username' AND preference='$preference_id'"; - $sql = "UPDATE user_preference SET value='$value' WHERE user='$id' AND preference='$preference_id'"; $db_results = @mysql_query($sql, dbh()); } // update_preference - /*! - @function add_preference - @discussion adds a new preference - @param $key preference name - @param $value preference value - @param $id user is - */ - function add_preference($preference_id, $value, $id=0) { + /** + * add_preference + * adds a new preference + * @package User + * @catagory Class + * @param $key preference name + * @param $value preference value + * @param $id user is + */ + function add_preference($preference_id, $value, $username=0) { - if (!$id) { - $id = $this->id; + if (!$username) { + $username = $this->username; } $value = sql_escape($value); @@ -262,7 +258,7 @@ class User { $preference_id = $r[0]; } // end if it's not numeric - $sql = "INSERT user_preference SET `user`='$id' , `value`='$value' , `preference`='$preference_id'"; + $sql = "INSERT user_preference SET `user`='$username' , `value`='$value' , `preference`='$preference_id'"; $db_results = mysql_query($sql, dbh()); } // add_preference @@ -274,7 +270,8 @@ class User { function update_username($new_username) { $new_username = sql_escape($new_username); - $sql = "UPDATE user SET username='$new_username' WHERE id='$this->id'"; + $sql = "UPDATE user SET username='$new_username' WHERE username='$this->username'"; + $this->username = $new_username; $db_results = mysql_query($sql, dbh()); } // update_username @@ -286,7 +283,7 @@ class User { function update_fullname($new_fullname) { $new_fullname = sql_escape($new_fullname); - $sql = "UPDATE user SET fullname='$new_fullname' WHERE id='$this->id'"; + $sql = "UPDATE user SET fullname='$new_fullname' WHERE username='$this->username'"; $db_results = mysql_query($sql, dbh()); } // update_username @@ -298,7 +295,7 @@ class User { function update_email($new_email) { $new_email = sql_escape($new_email); - $sql = "UPDATE user SET email='$new_email' WHERE id='$this->id'"; + $sql = "UPDATE user SET email='$new_email' WHERE username='$this->username'"; $db_results = mysql_query($sql, dbh()); } // update_email @@ -310,44 +307,47 @@ class User { function update_offset($new_offset) { $new_offset = sql_escape($new_offset); - $sql = "UPDATE user SET offset_limit='$new_offset' WHERE id='$this->id'"; + $sql = "UPDATE user SET offset_limit='$new_offset' WHERE username='$this->username'"; $db_results = mysql_query($sql, dbh()); } // update_offset - /*! - @function update_access - @discussion updates their access level - */ + /** + * update_access + * updates their access level + * @todo Remove References to the named version of access + */ function update_access($new_access) { /* Check for all disable */ if ($new_access == 'disabled') { - $sql = "SELECT id FROM user WHERE disabled != '1' AND id != '$this->id'"; + $sql = "SELECT username FROM user WHERE disabled != '1' AND username != '$this->username'"; $db_results = mysql_query($sql,dbh()); if (!mysql_num_rows($db_results)) { return false; } } /* Prevent Only User accounts */ if ($new_access == 'user') { - $sql = "SELECT id FROM user WHERE (access='admin' OR access='100') AND id != '$this->id'"; + $sql = "SELECT username FROM user WHERE (access='admin' OR access='100') AND username != '$this->username'"; $db_results = mysql_query($sql, dbh()); if (!mysql_num_rows($db_results)) { return false; } } if ($new_access == 'enabled') { $new_access = sql_escape($new_access); - $sql = "UPDATE user SET disabled='0' WHERE id='$this->id'"; + $sql = "UPDATE user SET disabled='0' WHERE username='$this->username'"; $db_results = mysql_query($sql, dbh()); - } elseif ($new_access == 'disabled') { + + } + elseif ($new_access == 'disabled') { $new_access = sql_escape($new_access); - $sql = "UPDATE user SET disabled='1' WHERE id='$this->id'"; + $sql = "UPDATE user SET disabled='1' WHERE username='$this->username'"; $db_results = mysql_query($sql, dbh()); $sql = "DELETE FROM session WHERE username='" . sql_escape($this->username) . "'"; $db_results = mysql_query($sql, dbh()); } else { $new_access = sql_escape($new_access); - $sql = "UPDATE user SET access='$new_access' WHERE id='$this->id'"; + $sql = "UPDATE user SET access='$new_access' WHERE username='$this->username'"; $db_results = mysql_query($sql, dbh()); } @@ -359,7 +359,7 @@ class User { */ function update_last_seen() { - $sql = "UPDATE user SET last_seen='" . time() . "' WHERE id='$this->id'"; + $sql = "UPDATE user SET last_seen='" . time() . "' WHERE username='$this->username'"; $db_results = mysql_query($sql, dbh()); } // update_last_seen @@ -372,7 +372,7 @@ class User { function update_stats($song_id) { $song_info = new Song($song_id); - $user = $this->id; + $user = $this->username; $dbh = dbh(); if (!$song_info->file) { return false; } @@ -454,12 +454,11 @@ class User { " ('$username','$fullname','$email',PASSWORD('$password'),'$access')"; $db_results = mysql_query($sql, dbh()); if (!$db_results) { return false; } - $user_id = mysql_insert_id(dbh()); /* Populates any missing preferences, in this case all of them */ - $this->fix_preferences($user_id); + $this->fix_preferences($username); - return $user_id; + return $username; } // new @@ -469,7 +468,7 @@ class User { */ function update_password($new_password) { - $sql = "UPDATE user SET password=PASSWORD('$new_password') WHERE id='$this->id'"; + $sql = "UPDATE user SET password=PASSWORD('$new_password') WHERE username='$this->username'"; $db_results = mysql_query($sql, dbh()); return true; @@ -505,16 +504,19 @@ class User { } // format_favorites /*! - @function fix_preferences - @discussion this makes sure that the specified user - has all the correct preferences. This function - should be run whenever a system preference is run - it's a cop out... FIXME! - */ + * fix_preferences + * this makes sure that the specified user + * has all the correct preferences. This function + * should be run whenever a system preference is run + * it's a cop out... FIXME! + * @todo Fix it so this isn't a hack + * @pacakge User + * @catagory Class + */ function fix_preferences($user_id = 0) { if (!$user_id) { - $user_id = $this->id; + $user_id = $this->username; } /* Get All Preferences */ @@ -575,7 +577,7 @@ class User { */ function delete_stats() { - $sql = "DELETE FROM object_count WHERE userid='" . $this->id . "'"; + $sql = "DELETE FROM object_count WHERE userid='" . $this->username . "'"; $db_results = mysql_query($sql, dbh()); } // delete_stats @@ -591,7 +593,7 @@ class User { admin */ if ($this->has_access(100)) { - $sql = "SELECT * FROM user WHERE (level='admin' OR level='100') AND id!='" . $this->id . "'"; + $sql = "SELECT * FROM user WHERE (level='admin' OR level='100') AND username!='" . $this->username . "'"; $db_results = mysql_query($sql, dbh()); if (!mysql_num_rows($db_results)) { return false; @@ -599,19 +601,19 @@ class User { } // if this is an admin check for others // Delete their playlists - $sql = "DELETE FROM playlist WHERE owner='$this->id'"; + $sql = "DELETE FROM playlist WHERE user='$this->username'"; $db_results = mysql_query($sql, dbh()); // Delete any stats they have - $sql = "DELETE FROM object_count WHERE userid='$this->id'"; + $sql = "DELETE FROM object_count WHERE userid='$this->username'"; $db_results = mysql_query($sql, dbh()); // Delete their preferences - $sql = "DELETE FROM preferences WHERE user='$this->id'"; + $sql = "DELETE FROM preferences WHERE user='$this->username'"; $db_results = mysql_query($sql, dbh()); // Delete the user itself - $sql = "DELETE FROM user WHERE id='$this->id'"; + $sql = "DELETE FROM user WHERE username='$this->username'"; $db_results = mysql_query($sql, dbh()); return true; diff --git a/lib/flag.php b/lib/flag.php index 01b3ba9f..da371793 100644 --- a/lib/flag.php +++ b/lib/flag.php @@ -87,7 +87,7 @@ function get_flag($id) $results = array(); $newid = array_pop($id); $sql = "SELECT flagged.id,user.username,type,song,date,comment" . - " FROM flagged,user WHERE flagged.user = user.id AND (flagged.song = '$newid'"; + " FROM flagged,user WHERE flagged.user = user.username AND (flagged.song = '$newid'"; foreach($id as $num) { $sql .= " OR flagged.song = '$num'"; @@ -106,18 +106,18 @@ function get_flag($id) function get_flagged_songs($user = 0) { $sql = "SELECT flagged.id,user.username,type,song,date,comment" . - " FROM flagged,user WHERE flagged.user = user.id AND flagged.type <> 'notify' AND flagged.type <> 'done'"; + " FROM flagged,user WHERE flagged.user = user.username AND flagged.type <> 'notify' AND flagged.type <> 'done'"; // If the user is not an admin, they can only see songs they've flagged if($user) { if($_SESSION['userdata']['access'] === 'admin') { - $sql .= " AND user.id = '$user'"; + $sql .= " AND user.username = '$user'"; } else { - $sql .= " AND user.id = '".$_SESSION['userdata']['id']."'"; + $sql .= " AND user.username = '".$_SESSION['userdata']['username']."'"; } } diff --git a/lib/general.lib.php b/lib/general.lib.php index 38afb2e8..ee32d328 100644 --- a/lib/general.lib.php +++ b/lib/general.lib.php @@ -514,7 +514,7 @@ function get_random_songs( $options, $matchlist) { $query = "SELECT song.id FROM song WHERE $artists_where ORDER BY RAND()"; } elseif ($options['unplayed'] == 1) { - $uid = $_SESSION['userdata']['id']; + $uid = $_SESSION['userdata']['username']; $query = "SELECT song.id FROM song LEFT JOIN object_count ON song.id = object_count.object_id " . "WHERE ($where) AND ((object_count.object_type='song' AND userid = '$uid') OR object_count.count IS NULL ) " . "ORDER BY CASE WHEN object_count.count IS NULL THEN RAND() WHEN object_count.count > 4 THEN RAND()*RAND()*object_count.count " . diff --git a/lib/mpd.php b/lib/mpd.php index 376bbedc..232fc892 100644 --- a/lib/mpd.php +++ b/lib/mpd.php @@ -35,11 +35,11 @@ function addToPlaylist( $myMpd, $song_ids=array()) { if ($GLOBALS['user']->prefs['play_type'] == 'downsample') { $ds = $GLOBALS['user']->prefs['sample_rate']; } - $song_url = conf('web_path') . "/play/index.php?song=$song_id&uid=" . $GLOBALS['user']->id . "&sid=$sess_id&ds=$ds&name=." . $song->type; + $song_url = conf('web_path') . "/play/index.php?song=$song_id&uid=" . $GLOBALS['user']->username . "&sid=$sess_id&ds=$ds&name=." . $song->type; if (is_null( $myMpd->PlAdd($song_url) ) ) { $log_line = _("Error") . ": " . _("Could not add") . ": " . $song_url . " : " . $myMpd->errStr; echo "<font class=\"error\">$log_line</font><br />\n"; - log_event($GLOBALS['user']->username,'add',$log_line); + if (conf('debug')) { log_event($GLOBALS['user']->username,'add',$log_line); } } // if it's null } // if we want urls else { @@ -48,7 +48,7 @@ function addToPlaylist( $myMpd, $song_ids=array()) { if( is_null( $myMpd->PLAdd( $song_filename ) ) ) { $log_line = _("Error") . ": " . _("Could not add") . ": " . $song_filename . " : " . $myMpd->errStr; echo "<font class=\"error\">$log_line</font><br />\n"; - log_event($_SESSION['userdata']['username'],'add',$log_line); + if (conf('debug')) { log_event($_SESSION['userdata']['username'],'add',$log_line); } } // end if it's null // We still need to count if they use the file method else { diff --git a/lib/preferences.php b/lib/preferences.php index 183bcf6f..a9920703 100644 --- a/lib/preferences.php +++ b/lib/preferences.php @@ -281,4 +281,22 @@ function create_preference_input($name,$value) { } // create_preference_input +/** + * get_preference_id + * This takes the name of a preference and returns it's id this is usefull for calling + * the user classes update_preference function + * @package Preferences + * @catagory Get + */ +function get_preference_id($name) { + + $sql = "SELECT id FROM preferences WHERE name='" . sql_escape($name) . "'"; + $db_results = mysql_query($sql, dbh()); + + $results = mysql_fetch_assoc($db_results); + + return $results['id']; + +} // get_preference_id + ?> diff --git a/lib/ui.lib.php b/lib/ui.lib.php index 1f23fd2a..126aa5d0 100644 --- a/lib/ui.lib.php +++ b/lib/ui.lib.php @@ -84,7 +84,7 @@ function get_preferences($username=0) { $user = new User($username); - $sql = "SELECT preferences.name,user_preference.value FROM preferences,user_preference WHERE user_preference.user='$user->id'" . + $sql = "SELECT preferences.name,user_preference.value FROM preferences,user_preference WHERE user_preference.user='$user->username'" . " AND user_preference.preference=preferences.id"; $db_results = mysql_query($sql, dbh()); @@ -457,7 +457,7 @@ function get_now_playing() { while ($r = mysql_fetch_assoc($db_results)) { $song = new Song($r['song_id']); $song->format_song(); - $np_user = new User(0,$r['user_id']); + $np_user = new User($r['user_id']); $results[] = array('song'=>$song,'user'=>$np_user); } // end while return $results; diff --git a/lib/xmlrpc.php b/lib/xmlrpc.php index 63473dc6..a9d71bc7 100644 --- a/lib/xmlrpc.php +++ b/lib/xmlrpc.php @@ -41,7 +41,7 @@ function remote_server_query($m) { $result = array(); // we only want to send the local entries - $sql = "SELECT name FROM catalog WHERE catalog_type='local'"; + $sql = "SELECT name,COUNT(song.id) FROM catalog LEFT JOIN song ON catalog.id = song.catalog WHERE catalog_type='local' GROUP BY catalog.id"; $db_result = mysql_query($sql, dbh()); while ( $i = mysql_fetch_row($db_result) ) { diff --git a/modules/admin.php b/modules/admin.php index 5ce7bf6d..7385d9fd 100644 --- a/modules/admin.php +++ b/modules/admin.php @@ -56,7 +56,7 @@ function show_manage_users () { @function show_user_form @discussion shows the user form */ -function show_user_form ($id, $username, $fullname, $email, $access, $type, $error) { +function show_user_form ($username, $fullname, $email, $access, $type, $error) { require(conf('prefix').'/templates/userform.inc'); @@ -238,7 +238,7 @@ function delete_user ($username) { $db_result = mysql_query($sql, dbh()); // also delete playlists for user - $sql = "DELETE FROM playlist WHERE owner='$username'"; + $sql = "DELETE FROM playlist WHERE username='$username'"; $db_result = mysql_query($sql, dbh()); delete_user_stats('all'); diff --git a/modules/init.php b/modules/init.php index 9699e96e..a98b9045 100644 --- a/modules/init.php +++ b/modules/init.php @@ -83,7 +83,7 @@ if (!$results['conf']['allow_stream_playback']) { } $results['conf']['web_path'] = $http_type . $_SERVER['HTTP_HOST'] . $results['conf']['web_path']; -$results['conf']['version'] = '3.3.2-Alpha1 (Build 002)'; +$results['conf']['version'] = '3.3.2-Alpha1 (Build 003)'; $results['conf']['catalog_file_pattern']= 'mp3|mpc|m4p|m4a|mp4|aac|ogg|rm|wma|asf|flac|spx'; $results['libglue']['local_table'] = 'session'; $results['libglue']['local_sid'] = 'id'; @@ -96,7 +96,8 @@ $results['libglue']['mysql_usercol'] = 'username'; $results['libglue']['mysql_passwdcol'] = 'password'; $results['libglue']['local_dbh_name'] = 'local_dbh'; $results['libglue']['auth_methods'] = 'mysql'; -$results['libglue']['mysql_fields'] = 'id,username,fullname,email,access,offset_limit'; +$results['libglue']['user_username'] = 'username'; +$results['libglue']['mysql_fields'] = 'username,fullname,email,access,offset_limit'; $results['libglue']['mysql_host'] = $results['libglue']['local_host']; $results['libglue']['mysql_db'] = $results['libglue']['local_db']; $results['libglue']['mysql_username'] = $results['libglue']['local_username']; @@ -259,14 +260,12 @@ if (!conf('use_auth')) { if (!check_session()) { make_local_session_only($auth); } $user = new User(0); $user->fullname = $auth['info']['fullname']; - $user->id = $auth['info']['id']; $user->offset_limit = $auth['info']['offset_limit']; $user->username = $auth['info']['username']; $user->access = $auth['info']['access']; $_SESSION['userdata']['access'] = $auth['info']['access']; $_SESSION['userdata']['username'] = $auth['info']['username']; $_SESSION['userdata']['offset_limit'] = $auth['info']['offset_limit']; - $_SESSION['userdata']['id'] = $auth['info']['id']; $user->set_preferences(); get_preferences(); set_theme(); diff --git a/modules/lib.php b/modules/lib.php index 6ba1d956..2d8adef8 100644 --- a/modules/lib.php +++ b/modules/lib.php @@ -483,7 +483,7 @@ function get_flagged() { $sql = "SELECT flagged.id, user.username, type, song, date, comment" . " FROM flagged, user" . - " WHERE flagged.user = user.id" . + " WHERE flagged.user = user.username" . " ORDER BY date"; $db_result = mysql_query($sql, $dbh); @@ -679,7 +679,7 @@ function show_songs ($song_ids, $playlist_id=0, $album=0) { // Get info about playlist owner if (isset($playlist_id) && $playlist_id != 0) { - $sql = "SELECT owner FROM playlist WHERE id = '$playlist_id'"; + $sql = "SELECT user FROM playlist WHERE id = '$playlist_id'"; $db_result = mysql_query($sql, $dbh); if ($r = mysql_fetch_array($db_result)) { $pluser = get_user_byid($r[0]); @@ -923,25 +923,25 @@ function show_playlists ($type = 'all') { return true; } elseif ($type == 'public') { - $sql = "SELECT id,name,owner,date ". + $sql = "SELECT id,name,user,date ". " FROM playlist ". " WHERE type='public'". " ORDER BY name"; } elseif ($type == 'private') { - $sql = "SELECT id,name,owner,date ". + $sql = "SELECT id,name,user,date ". " FROM playlist ". " WHERE type='private'" . - " AND owner = '$user->id'" . + " AND user = '$user->username'" . " AND name <> 'Temporary'". " ORDER BY name"; } elseif ($type == 'adminprivate') { if ( $user->access === 'admin' ) { - $sql = "SELECT id,name,owner,date ". + $sql = "SELECT id,name,user,date ". " FROM playlist ". " WHERE type='private'" . - " AND owner != '$user->id'" . + " AND username != '$user->username'" . " AND name <> 'Temporary'". " ORDER BY name"; } @@ -977,7 +977,7 @@ ECHO; while ( $r = mysql_fetch_array($db_result) ) { $plname = $r['name']; $plid = $r['id']; - $pluser = get_user_byid($r['owner']); + $pluser = new User($r['user']); $plfullname = $pluser->fullname; $plowner = $pluser->username; @@ -994,7 +994,7 @@ ECHO; echo " <td>$plfullname</td>\n"; echo " <td><a href=\"$web_path/playlist.php?playlist_id=$plid&action=view_list\">" . _("View") . "</a></td>\n"; - if ($user->id == $pluser->id || $user->access === 'admin') { + if ($user->username == $pluser->username || $user->has_access(100)) { echo " <td><a href=\"$web_path/playlist.php?playlist_id=$plid&action=edit\">" . _("Edit") . "</a></td>\n"; echo " <td><a href=\"$web_path/playlist.php?playlist_id=$plid&action=delete_playlist\">" . _("Delete") . "</a></td>\n"; } @@ -1157,7 +1157,7 @@ function check_playlist_access ($playlist_id, $username) { $sql = "SELECT playlist.id FROM playlist, user" . " WHERE playlist.id = '$playlist_id'" . - " AND playlist.owner = user.id" . + " AND playlist.user = user.username" . " AND user.username = '$username'"; $db_result = mysql_query($sql, $dbh); @@ -1187,9 +1187,9 @@ function show_playlist_dropdown ($playlist_id=0) { global $settings; $dbh = dbh(); - $userid = scrub_in($_SESSION['userdata']['id']); + $userid = scrub_in($_SESSION['userdata']['username']); $sql = "SELECT * FROM playlist" . - " WHERE owner = '$userid'" . + " WHERE user = '$userid'" . " AND name <> 'Temporary'" . " ORDER BY name"; $db_result = @mysql_query($sql, $dbh); @@ -1216,7 +1216,7 @@ ECHO; function show_playlist_access_error ($playlist, $username) { $plname = $playlist->name; - $pluser = new User($playlist->owner); + $pluser = new User($playlist->user); $plowner = $pluser->username; print <<<ECHO diff --git a/play/index.php b/play/index.php index 8555f444..3772d8de 100644 --- a/play/index.php +++ b/play/index.php @@ -39,7 +39,7 @@ $sid = htmlspecialchars($_REQUEST['sid']); /* Misc Housework */ $dbh = dbh(); -$user = new User(0,$uid); +$user = new User($uid); if (conf('require_session') && !conf('xml_rpc')) { if(!session_exists($sid)) { @@ -90,7 +90,10 @@ if ( isset( $uid ) ) { echo "Error: No Song"; exit; } - if ($song->status === 'disabled') { + if ($song->status == '0') { + if (conf('debug')) { + log_event($user->username,' song_disabled ',"Error: $song->file is currently disabled, song skipped"); + } exit; } if ($user->disabled == '1') { @@ -100,9 +103,9 @@ if ( isset( $uid ) ) { echo "Error: User Disabled"; exit; } - if (!$user->id && !$user->is_xmlrpc()) { + if (!$user->username && !$user->is_xmlrpc()) { if (conf('debug')) { - log_event($user->username,' user_not_found ',"Error $user->id not found, stream access denied"); + log_event($user->username,' user_not_found ',"Error $user->username not found, stream access denied"); } echo "Error: No User Found"; exit; diff --git a/play/pupload.php b/play/pupload.php index 2290a59d..e7de7a6c 100644 --- a/play/pupload.php +++ b/play/pupload.php @@ -78,13 +78,13 @@ $site->get_preferences(); // require a uid and valid song
if ( isset( $uid ) ) {
// Create the user object if possible
- $user = new User(0,$uid);
+ $user = new User($uid);
$song = $site->prefs['upload_dir'] . $song;
if (!file_exists ( $song )) { echo "Error: No Song"; exit; }
if ($user->access === 'disabled') { echo "Error: User Disabled"; exit; }
- if (!$user->id && !$user->is_xmlrpc()) { echo "Error: No User Found"; exit; }
+ if (!$user->username && !$user->is_xmlrpc()) { echo "Error: No User Found"; exit; }
}
else {
@@ -136,7 +136,7 @@ if ( $_REQUEST['action'] == 'm3u' ) { $song_name = $artist . " - " . $title . "." . $type;
$sess = $_COOKIE[libglue_param('sess_name')];
//echo "Song Name: $song_name<BR>\n";
- $url = escapeshellarg("$web_path/play/pupload.php?song=$song_nm&uid=$user->id&sid=$sess");
+ $url = escapeshellarg("$web_path/play/pupload.php?song=$song_nm&uid=$user->username&sid=$sess");
$localplay_add = conf('localplay_add');
$localplay_add = str_replace("%URL%", $url, $localplay_add);
//echo "Executing: $localplay_add<BR>";
@@ -165,7 +165,7 @@ if ( $_REQUEST['action'] == 'm3u' ) { $sess = $_COOKIE[libglue_param('sess_name')];
if($temp_user->prefs['down-sample'] == 'true')
$ds = $temp_user->prefs['sample_rate'];
- echo "$web_path/play/pupload.php?song=" . rawurlencode($song_nm) . "&uid=$user->id&sid=$sess";
+ echo "$web_path/play/pupload.php?song=" . rawurlencode($song_nm) . "&uid=$user->username&sid=$sess";
}
exit;
diff --git a/playlist.php b/playlist.php index 34393f21..912058cb 100644 --- a/playlist.php +++ b/playlist.php @@ -104,7 +104,7 @@ $playlist = new Playlist($playlist_id); if ( isset($playlist_id) && ($playlist_id != 0) && $_REQUEST['action'] != 'delete_playlist' ) { // Get the playlist and check access - $pluser = new User(0,$playlist->owner); + $pluser = new User($playlist->user); if (! isset($playlist->id)) { show_playlist_access_error($playlist_id, $pluser->username); @@ -114,7 +114,7 @@ if ( isset($playlist_id) && ($playlist_id != 0) && $_REQUEST['action'] != 'delet echo "<span class=\"header2\">$playlist->name</span><br />"; echo " " . _("owned by") . " $pluser->fullname ($pluser->username)<br />"; echo "<ul>"; - if ($pluser->id == $user->id || $user->access === 'admin') { + if ($pluser->username == $user->username || $user->access === 'admin') { echo "<li><a href=\"" . conf('web_path') . "/playlist.php?action=edit&playlist_id=$playlist->id\">" . _("Edit Playlist") . "</a></li>\n"; } if (count($playlist->get_songs()) > 0) { @@ -133,7 +133,7 @@ switch($action) { if ($playlist_id == 0) { // Creating a new playlist $playlist_name = _("New Playlist") . " - " . date("m/j/y, g:i a"); - $playlist->create_playlist($playlist_name, $user->id, 'private'); + $playlist->create_playlist($playlist_name, $user->username, 'private'); } if ($type === 'album') { @@ -150,7 +150,7 @@ switch($action) { break; case 'Create': - $playlist->create_playlist($playlist_name, $user->id, $type); + $playlist->create_playlist($playlist_name, $user->username, $type); show_playlists(); break; diff --git a/preferences.php b/preferences.php index f1974efa..732805d4 100644 --- a/preferences.php +++ b/preferences.php @@ -39,7 +39,7 @@ switch(scrub_in($_REQUEST['action'])) { set_theme(); break; default: - $user_id = $user->id; + $user_id = $user->username; $preferences = $user->get_preferences(); break; @@ -112,7 +112,7 @@ elseif ( $_REQUEST['popular_songs'] ) { $song_ids = get_popular_songs($_REQUEST['popular_songs'], 'global'); } elseif ( $_REQUEST['your_popular_songs'] ) { - $song_ids = get_popular_songs($_REQUEST['your_popular_songs'], 'your', $user->id); + $song_ids = get_popular_songs($_REQUEST['your_popular_songs'], 'your', $user->username); } @@ -25,7 +25,7 @@ require_once("modules/init.php"); //FIXME: Remove references -$uid = $user->id; +$uid = $GLOBALS['user']->username; show_template('header'); show_menu_items('Stats'); diff --git a/templates/show_songs.inc b/templates/show_songs.inc index 447956e8..5eb809c5 100644 --- a/templates/show_songs.inc +++ b/templates/show_songs.inc @@ -29,7 +29,7 @@ $web_path = conf('web_path'); <table class="border" cellspacing="0" cellpadding="0" border="0"> <tr class="table-header"> <th> <a href="#" onclick="check_songs(); return false;">Select</a></th> - <?php if (isset($playlist_id) && $playlist_id != 0 && ($user->id == $pluser->id || $user->has_access('100'))) { $tab = 1; ?> <th><?php echo _("Track"); ?></th> <?php } ?> + <?php if (isset($playlist_id) && $playlist_id != 0 && ($user->username == $pluser->username || $user->has_access('100'))) { $tab = 1; ?> <th><?php echo _("Track"); ?></th> <?php } ?> <th><?php echo _("Song title"); ?></th> <th><?php echo _("Artist"); ?></th> <th><?php echo _("Album"); ?></th> @@ -58,7 +58,7 @@ $web_path = conf('web_path'); <input type="checkbox" name="song[]" value="<?php echo $song->id; ?>" id="song_<?php echo $song->id; ?>"></input> </td> <?php - if (isset($playlist_id) && $playlist_id != 0 && ($user->id == $pluser->id || $user->has_access('100'))) { + if (isset($playlist_id) && $playlist_id != 0 && ($user->username == $pluser->username || $user->has_access('100'))) { $tracknum = get_playlist_track_from_song($playlist_id, $song->id); ?> <td> @@ -110,7 +110,7 @@ $web_path = conf('web_path'); | <a href="<?php echo $web_path; ?>/download/index.php?action=download&song_id=<?php echo $song->id; ?>&fn=<?php echo rawurlencode($song->f_artist_full . " - " . $song->title . "." . $song->type); ?>"><?php echo _("Download"); ?></a> <?php } ?> <?php if ($user->prefs['direct_link']) { ?> - | <a href="<?php echo $web_path; ?>/play/index.php?song=<?php echo $song->id; ?>&uid=<?php echo $user->id . "&sid=" . session_id(); ?>&fn=<?php echo rawurlencode($song->f_artist_full . " - " . $song->title . "." . $song->type); ?>"><?php echo _("Direct Link"); ?></a> + | <a href="<?php echo $web_path; ?>/play/index.php?song=<?php echo $song->id; ?>&uid=<?php echo $user->username . "&sid=" . session_id(); ?>&fn=<?php echo rawurlencode($song->f_artist_full . " - " . $song->title . "." . $song->type); ?>"><?php echo _("Direct Link"); ?></a> <?php } ?> </td> </tr> @@ -127,7 +127,7 @@ $web_path = conf('web_path'); ?> <tr class="table-header"> <td></td> - <?php if (isset($playlist_id) && $playlist_id != 0 && ($user->id == $pluser->id || $user->access === 'admin')) { ?> <td></td> <?php } ?> + <?php if (isset($playlist_id) && $playlist_id != 0 && ($user->username == $pluser->username || $user->access === 'admin')) { ?> <td></td> <?php } ?> <td><?php echo _("Total"); ?>:</td> <td nowrap="nowrap"><?php echo $num; ?> song(s)</td> <td></td> diff --git a/templates/show_users.inc b/templates/show_users.inc index 8ef7048a..759ba458 100644 --- a/templates/show_users.inc +++ b/templates/show_users.inc @@ -87,7 +87,7 @@ while ( $results = mysql_fetch_object($db_result) ) { </a> </td> <td> - <a href="<?php echo conf('web_path'); ?>/admin/preferences.php?action=user&user_id=<?php echo $user->id; ?>"> + <a href="<?php echo conf('web_path'); ?>/admin/preferences.php?action=user&user_id=<?php echo $user->username; ?>"> <?php echo _("Prefs"); ?> </a> </td> diff --git a/templates/userform.inc b/templates/userform.inc index 6ff5bfc9..59af787c 100644 --- a/templates/userform.inc +++ b/templates/userform.inc @@ -35,7 +35,6 @@ else { <?php $GLOBALS['error']->print_error('general'); ?> <form name="update_user" method="post" action="<?php echo conf('web_path') . "/admin/users.php"; ?>"> <table class="text-box" cellspacing="0" cellpadding="0" border="0"> - <tr> <td> <?php echo _("Username"); ; ?>: @@ -157,7 +157,7 @@ switch ($action) { $message[$music] .= _("Successfully-Quarantined");
/* Log the upload */
$sql = "INSERT INTO upload (`user`,`file`,`addition_time`)" .
- " VALUES ('$user->id','" . sql_escape($fullpath) . "','" . time() . "')";
+ " VALUES ('$user->username','" . sql_escape($fullpath) . "','" . time() . "')";
$db_results = mysql_query($sql, dbh());
} // if quarantine
@@ -296,7 +296,7 @@ if ( $handle = @opendir($user->prefs['upload_dir'] ) ){ echo " <td><a href='" . $web_path .
- "/play/pupload.php?action=m3u&song=$file&uid=$user->id'>" .
+ "/play/pupload.php?action=m3u&song=$file&uid=$user->username'>" .
$results[$key][title] . "</a></td>\n";
|