diff options
| author | Karl 'vollmerk' Vollmer <vollmer@ampache.org> | 2005-06-19 18:05:40 +0000 |
|---|---|---|
| committer | Karl 'vollmerk' Vollmer <vollmer@ampache.org> | 2005-06-19 18:05:40 +0000 |
| commit | 0c0262b8a7326d1e2effbce5d422fd672300d114 (patch) | |
| tree | e84c501cccbb2e7d3d9655685020fd7a266a7170 /modules | |
| parent | 49f48af532c2d3196d94b444c3514bdb1a499436 (diff) | |
| download | ampache-0c0262b8a7326d1e2effbce5d422fd672300d114.tar.gz ampache-0c0262b8a7326d1e2effbce5d422fd672300d114.tar.bz2 ampache-0c0262b8a7326d1e2effbce5d422fd672300d114.zip | |
mother of all commits...
Diffstat (limited to 'modules')
| -rw-r--r-- | modules/admin.php | 2 | ||||
| -rw-r--r-- | modules/class/album.php | 8 | ||||
| -rw-r--r-- | modules/class/artist.php | 8 | ||||
| -rw-r--r-- | modules/class/song.php | 2 | ||||
| -rw-r--r-- | modules/class/stream.php | 3 | ||||
| -rw-r--r-- | modules/id3/getid3/module.audio.mpc.php | 2 | ||||
| -rw-r--r-- | modules/lib.php | 58 |
7 files changed, 42 insertions, 41 deletions
diff --git a/modules/admin.php b/modules/admin.php index 6eb9da04..5ce7bf6d 100644 --- a/modules/admin.php +++ b/modules/admin.php @@ -45,7 +45,7 @@ function show_manage_users () { echo "<table class=\"text-box\">\n<tr><td>\n"; echo "<span class=\"header2\">" . _("Manage Users") . "</span><br />\n"; echo "<p>Use the following tools to manage the users that access your site.</p>\n"; - echo "<ul>\n\t<li><a href=\"".conf('web_path') . "/admin/users.php?action=show_add_user\">" . _("Add a new user") . "</a></li\n</dl>\n"; + echo "<ul>\n\t<li><a href=\"".conf('web_path') . "/admin/users.php?action=show_add_user\">" . _("Add a new user") . "</a></li>\n</ul>\n"; echo "</td></tr></table>"; show_users(); diff --git a/modules/class/album.php b/modules/class/album.php index c95a8ff6..17befbd9 100644 --- a/modules/class/album.php +++ b/modules/class/album.php @@ -115,12 +115,12 @@ class Album { $web_path = conf('web_path'); /* Truncate the string if it's to long */ - $name = truncate_with_ellipse($this->name,conf('ellipse_threshold_album')); - - $this->f_name = "<a href=\"$web_path/albums.php?action=show&album=" . $this->id . "\" title=\"" . $this->name . "\">" . $name . "</a>"; + $name = htmlspecialchars(truncate_with_ellipse($this->name,conf('ellipse_threshold_album'))); + $artist = htmlspecialchars($this->artist); + $this->f_name = "<a href=\"$web_path/albums.php?action=show&album=" . $this->id . "\" title=\"" . $name . "\">" . $name . "</a>"; $this->f_songs = "<div align=\"center\">" . $this->songs . "</div>"; if ($this->artist_count == '1') { - $this->f_artist = "<a href=\"$web_path/artists.php?action=show&artist=" . $this->artist_id . "\">" . $this->artist . "</a>"; + $this->f_artist = "<a href=\"$web_path/artists.php?action=show&artist=" . $this->artist_id . "\">" . $artist . "</a>"; } else { $this->f_artist = _("Various"); diff --git a/modules/class/artist.php b/modules/class/artist.php index a0b4caa7..2a6e3308 100644 --- a/modules/class/artist.php +++ b/modules/class/artist.php @@ -170,13 +170,11 @@ class Artist { function format_artist() { /* Combine prefix and name, trim then add ... if needed */ - $name = truncate_with_ellipse(trim($this->prefix . " " . $this->name)); - + $name = htmlspecialchars(truncate_with_ellipse(trim($this->prefix . " " . $this->name))); $this->f_name = $this->name; - $this->full_name = trim($this->prefix . " " . $this->name); + $this->full_name = htmlspecialchars(trim($this->prefix . " " . $this->name)); //FIXME: This shouldn't be set like this, f_name should be like this - $this->link = "<a href=\"" . conf('web_path') . "/artists.php?action=show&artist=" . $this->id . "\" title=\"" . $this->full_name . "\">" . - $name . "</a>"; + $this->link = "<a href=\"" . conf('web_path') . "/artists.php?action=show&artist=" . $this->id . "\" title=\"" . $this->full_name . "\">" . $name . "</a>"; $this->name = $this->link; return $artist; diff --git a/modules/class/song.php b/modules/class/song.php index cd1cfe8a..47600ee5 100644 --- a/modules/class/song.php +++ b/modules/class/song.php @@ -556,7 +556,7 @@ class Song { $this->f_title = truncate_with_ellipse($this->title,conf('ellipse_threshold_title')); // Create A link inclduing the title - $this->f_link = "<a href=\"" . conf('web_path') . "/song.php?action=m3u&song=" . $this->id . "\">$this->f_title</a>"; + $this->f_link = "<a href=\"" . conf('web_path') . "/song.php?action=m3u&song=" . $this->id . "\">$this->f_title</a>"; // Format the Bitrate $this->f_bitrate = intval($this->bitrate/1000) . "-" . strtoupper($this->mode); diff --git a/modules/class/stream.php b/modules/class/stream.php index 3472127a..999dcbca 100644 --- a/modules/class/stream.php +++ b/modules/class/stream.php @@ -267,6 +267,9 @@ class Stream { /* Add the files to the MPD playlist */ addToPlaylist($myMpd,$this->songs); + /* If we've added songs we should start playing */ + $myMpd->Play(); + header ("Location: " . return_referer()); } // create_mpd diff --git a/modules/id3/getid3/module.audio.mpc.php b/modules/id3/getid3/module.audio.mpc.php index d0a7202f..7d5d33c5 100644 --- a/modules/id3/getid3/module.audio.mpc.php +++ b/modules/id3/getid3/module.audio.mpc.php @@ -201,7 +201,7 @@ class getid3_mpc if ($thisfile_mpc_header['raw']['album_gain'] < 0) { $thisfile_mpc_header['album_gain_db'] = (float) (32768 + $thisfile_mpc_header['raw']['album_gain']) / -100; } else { - $thisfile_mpc_header['album_gain_db'] = (float) $thisfile_mpc_header['raw']['album_gain'] / 100;; + $thisfile_mpc_header['album_gain_db'] = (float) $thisfile_mpc_header['raw']['album_gain'] / 100; } $thisfile_mpc_header['encoder_version'] = $this->MPCencoderVersionLookup($thisfile_mpc_header['raw']['encoder_version']); diff --git a/modules/lib.php b/modules/lib.php index 735f579a..585e9612 100644 --- a/modules/lib.php +++ b/modules/lib.php @@ -190,14 +190,14 @@ function show_random_play() { </td> </tr> <tr class="even"> - <td nowrap> ' . _("from catalog") . '</td> + <td nowrap="nowrap"> ' . _("from catalog") . '</td> <td> '; show_catalog_pulldown( -1, 0); print ' - </tr> + </td></tr> <tr> <td colspan="4"> <input type="hidden" name="aaction" value="Play!" /> @@ -227,15 +227,15 @@ function show_artist_pulldown ($artist) { $query = "SELECT id,name FROM artist ORDER BY name"; $db_result = mysql_query($query, $dbh); - echo "<select name=\"artist\">\n"; + echo "\n<select name=\"artist\">\n"; while ( $r = mysql_fetch_row($db_result) ) { // $r[0] = id, $r[1] = name if ( $artist == $r[0] ) { - echo "<option value=\"$r[0]\" selected=\"selected\">$r[1]</option>\n"; + echo "<option value=\"$r[0]\" selected=\"selected\">". htmlspecialchars($r[1]) ."</option>\n"; } else { - echo "<option value=\"$r[0]\">$r[1]</option>\n"; + echo "<option value=\"$r[0]\">". htmlspecialchars($r[1]) ."</option>\n"; } } @@ -256,7 +256,7 @@ function show_album_pulldown ($album) { $sql = "SELECT id,name FROM album ORDER BY name"; $db_result = mysql_query($sql, $dbh); - echo "<select name=\"album\">\n"; + echo "\n<select name=\"album\">\n"; while ( $r = mysql_fetch_row($db_result) ) { // $r[0] = id, $r[1] = name @@ -268,7 +268,7 @@ function show_album_pulldown ($album) { } }//while - echo "</select>\n"; + echo "\n</select>\n"; } // show_album_pulldown() @@ -292,19 +292,19 @@ function show_flagged_popup($reason,$label='value', $name='flagged_type', $other } $db_result = mysql_query($query, $dbh); - echo "<select name=\"$name\" $other>\n"; + echo "\n<select name=\"$name\" $other>\n"; while ( $r = mysql_fetch_array($db_result) ) { // $r[0] = id, $r[1] = type if ( $reason === $r['type'] ) { - echo "\t<option value=\"".$r['type']."\" selected=\"selected\">".$r[$label]."</option>\n"; + echo "\t<option value=\"".$r['type']."\" selected=\"selected\">".htmlspecialchars($r[$label])."</option>\n"; } else { - echo "\t<option value=\"".$r['type']."\">".$r[$label]."</option>\n"; + echo "\t<option value=\"".$r['type']."\">".htmlspecialchars($r[$label])."</option>\n"; } } - echo "</select>\n"; + echo "\n</select>\n"; } // show_flagged_popup() @@ -331,7 +331,7 @@ function show_genre_pulldown ($genre, $complete) { $db_result = mysql_query($sql, $dbh); - echo "<select name=\"genre[]\" MULTIPLE size=\"7\">\n"; + echo "\n<select name=\"genre\" multiple=\"multiple\" size=\"7\">\n"; if ( ! $complete ) { $genre_info = get_genre_info( -1 ); @@ -355,8 +355,8 @@ function show_genre_pulldown ($genre, $complete) { echo " <option value=\"${r[0]}\">$genre_name - ($genre_count)</option>\n"; } } + echo " </select>\n"; - echo "</select>"; } // show_genre_pulldown() /* @@ -373,7 +373,7 @@ function show_catalog_pulldown ($catalog, $complete) { $db_result = mysql_query($sql, dbh()); - echo "<select name=\"catalog\">\n"; + echo "\n<select name=\"catalog\">\n"; echo " <option value=\"-1\" selected=\"selected\">All</option>\n"; @@ -391,7 +391,7 @@ function show_catalog_pulldown ($catalog, $complete) { echo " <option value=\"${r[0]}\">$catalog_name</option>\n"; } } - echo "</select>"; + echo "\n</select>\n"; } // show_catalog_pulldown() @@ -989,14 +989,14 @@ ECHO; list($count) = mysql_fetch_row($count_result); $class = flip_class(); echo " <tr class=\"$class\">\n"; - echo " <td><a href=\"$web_path/playlist.php?playlist_id=$plid&action=view_list\">$plname</a></td>\n"; + echo " <td><a href=\"$web_path/playlist.php?playlist_id=$plid&action=view_list\">$plname</a></td>\n"; echo " <td>$count</td>\n"; echo " <td>$plfullname</td>\n"; - echo " <td><a href=\"$web_path/playlist.php?playlist_id=$plid&action=view_list\">" . _("View") . "</a></td>\n"; + echo " <td><a href=\"$web_path/playlist.php?playlist_id=$plid&action=view_list\">" . _("View") . "</a></td>\n"; if ($user->id == $pluser->id || $user->access === 'admin') { - echo " <td><a href=\"$web_path/playlist.php?playlist_id=$plid&action=edit\">" . _("Edit") . "</a></td>\n"; - echo " <td><a href=\"$web_path/playlist.php?playlist_id=$plid&action=delete_playlist\">" . _("Delete") . "</a></td>\n"; + echo " <td><a href=\"$web_path/playlist.php?playlist_id=$plid&action=edit\">" . _("Edit") . "</a></td>\n"; + echo " <td><a href=\"$web_path/playlist.php?playlist_id=$plid&action=delete_playlist\">" . _("Delete") . "</a></td>\n"; } else { echo " <td> </td>\n"; @@ -1004,21 +1004,21 @@ ECHO; } if ( $count[0] ) { - echo " <td><a href=\"$web_path/song.php?action=m3u&playlist_id=$plid\">" . _("Play") . "</a> | " . - "<a href=\"$web_path/song.php?action=random&playlist_id=$plid\">" . _("Random") . "</a></td>\n"; + echo " <td><a href=\"$web_path/song.php?action=m3u&playlist_id=$plid\">" . _("Play") . "</a> | " . + "<a href=\"$web_path/song.php?action=random&playlist_id=$plid\">" . _("Random") . "</a></td>\n"; } else { echo " <td> </td>\n"; } if( batch_ok() ) { - echo" <td><a href=\"$web_path/batch.php?action=pl&id=$plid\">" . _("Download") . "</a></td>\n"; + echo" <td><a href=\"$web_path/batch.php?action=pl&id=$plid\">" . _("Download") . "</a></td>\n"; } else { echo" <td> </td>\n"; } echo " </tr>\n"; } - echo "</ul>\n"; + echo "\n"; } //if rows in result else { echo " <tr class=\"even\">\n"; @@ -1027,7 +1027,7 @@ ECHO; } echo "</table>\n"; - echo "<br>\n"; + echo "<br />\n"; } @@ -1294,20 +1294,20 @@ function get_global_popular($type) { $artist = $song->get_artist_name(); $text = "$artist - $song->title"; /* Add to array */ - $items[] = "<li> <a href=\"$web_path/song.php?action=m3u&song=$song->id\" title=\"$text\">" . truncate_with_ellipse($text, conf('ellipse_threshold_title')+3) . " ($r->count)</a> </li>"; + $items[] = "<li> <a href=\"$web_path/song.php?action=m3u&song=$song->id\" title=\"". htmlspecialchars($text) ."\">" . htmlspecialchars(truncate_with_ellipse($text, conf('ellipse_threshold_title')+3)) . " ($r->count)</a> </li>"; } // if it's a song elseif ( $type == 'artist' ) { $artist = get_artist_name($r->object_id); if ($artist) { - $items[] = "<li> <a href=\"$web_path/artists.php?action=show&artist=$r->object_id\" title=\"$artist\">" . truncate_with_ellipse($artist, conf('ellipse_threshold_artist')+3) . " ($r->count)</a> </li>"; + $items[] = "<li> <a href=\"$web_path/artists.php?action=show&artist=$r->object_id\" title=\"". htmlspecialchars($artist) ."\">" . htmlspecialchars(truncate_with_ellipse($artist, conf('ellipse_threshold_artist')+3)) . " ($r->count)</a> </li>"; } // if no artist found } // if type isn't artist elseif ( $type == 'album' ) { $album = new Album($r->object_id); if ($album) { - $items[] = "<li> <a href=\"$web_path/albums.php?action=show&album=$r->object_id\" title=\"$album->name\">" . truncate_with_ellipse($album->name,conf('ellipse_threshold_album')+3) . " ($r->count)</a> </li>"; + $items[] = "<li> <a href=\"$web_path/albums.php?action=show&album=$r->object_id\" title=\"". htmlspecialchars($album->name) ."\">" . htmlspecialchars(truncate_with_ellipse($album->name,conf('ellipse_threshold_album')+3)) . " ($r->count)</a> </li>"; } } } // end while @@ -1356,10 +1356,10 @@ function show_info_box ($title, $type, $items) { if ($type == 'your_song') { - echo "<td>$title - <a href=\"$web_path/song.php?action=m3u&your_popular_songs=$popular_threshold\">Play</a></td>\n"; + echo "<td>$title - <a href=\"$web_path/song.php?action=m3u&your_popular_songs=$popular_threshold\">Play</a></td>\n"; } elseif ($type == 'song') { - echo "<td>$title - <a href=\"$web_path/song.php?action=m3u&popular_songs=$popular_threshold\">Play</a></td>\n"; + echo "<td>$title - <a href=\"$web_path/song.php?action=m3u&popular_songs=$popular_threshold\">Play</a></td>\n"; } else { echo "<td>$title</td>\n"; |