summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--lib/class/access.class.php2
-rw-r--r--lib/class/xmldata.class.php4
-rw-r--r--login.php2
-rw-r--r--play/index.php8
-rw-r--r--server/xml.server.php2
-rw-r--r--server/xmlrpc.server.php4
6 files changed, 13 insertions, 9 deletions
diff --git a/lib/class/access.class.php b/lib/class/access.class.php
index 0182a45d..006bfb2c 100644
--- a/lib/class/access.class.php
+++ b/lib/class/access.class.php
@@ -165,7 +165,7 @@ class Access {
* and then returns true or false if they have access to this
* the IP is passed as a dotted quad
*/
- public static function check_network($type,$ip='',$user,$level,$key='') {
+ public static function check_network($type,$user,$level,$ip='',$key='') {
if (!Config::get('access_control')) {
switch ($type) {
diff --git a/lib/class/xmldata.class.php b/lib/class/xmldata.class.php
index caeee032..807a9a5d 100644
--- a/lib/class/xmldata.class.php
+++ b/lib/class/xmldata.class.php
@@ -274,6 +274,8 @@ class xmlData {
$song = new Song($song_id);
$song->format();
+ $rating = new Rating($song_id,'song');
+
$art_url = Config::get('web_path') . '/image.php?id=' . $song->album . '&auth=' . scrub_out($_REQUEST['auth']);
$string .= "<song id=\"$song->id\">\n" .
@@ -286,6 +288,8 @@ class xmlData {
"\t<url><![CDATA[" . $song->get_url($_REQUEST['auth']) . "]]></url>\n" .
"\t<size>$song->size</size>\n" .
"\t<art><![CDATA[" . $art_url . "]]></art>\n" .
+ "\t<preciserating>" . $rating->preciserating . "</preciserating>\n" .
+ "\t<rating>" . $rating->rating . "</rating>\n" .
"</song>\n";
} // end foreach
diff --git a/login.php b/login.php
index b152bca4..b898cbe9 100644
--- a/login.php
+++ b/login.php
@@ -34,7 +34,7 @@ Preference::init();
* page if they aren't in the ACL
*/
if (Config::get('access_control')) {
- if (!Access::check_network('interface',$_SERVER['REMOTE_ADDR'],'','5')) {
+ if (!Access::check_network('interface','','5')) {
debug_event('access_denied','Access Denied:' . $_SERVER['REMOTE_ADDR'] . ' is not in the Interface Access list','3');
access_denied();
exit();
diff --git a/play/index.php b/play/index.php
index d8093980..a4a73b45 100644
--- a/play/index.php
+++ b/play/index.php
@@ -72,7 +72,7 @@ if (make_bool($GLOBALS['user']->disabled)) {
// If require session is set then we need to make sure we're legit
if (Config::get('require_session')) {
- if (!Config::get('require_localnet_session') AND Access::check_network('network',$_SERVER['REMOTE_ADDR'],$GLOBALS['user']->id,'5')) {
+ if (!Config::get('require_localnet_session') AND Access::check_network('network',$GLOBALS['user']->id,'5')) {
// Localnet defined IP and require localnot session has been turned off we let this one through
debug_event('LocalNet','Streaming Access Granted to Localnet defined IP ' . $_SERVER['REMOTE_ADDR'],'5');
}
@@ -102,8 +102,8 @@ if (Config::get('demo_mode') || (!Access::check('interface','25') AND !isset($xm
that they have enough access to play this mojo
*/
if (Config::get('access_control')) {
- if (!Access::check_network('stream',$_SERVER['REMOTE_ADDR'],$GLOBALS['user']->id,'25') AND
- !Access::check_network('network',$_SERVER['REMOTE_ADDR'],$GLOBALS['user']->id,'25')) {
+ if (!Access::check_network('stream',$GLOBALS['user']->id,'25') AND
+ !Access::check_network('network',$GLOBALS['user']->id,'25')) {
debug_event('access_denied', "Streaming Access Denied: " . $_SERVER['REMOTE_ADDR'] . " does not have stream level access",'3');
access_denied();
exit;
@@ -286,7 +286,7 @@ if (Config::get('track_user_ip')) {
// If we've got downsample remote enabled
if (Config::get('downsample_remote')) {
- if (!Access::check_network('network',$_SERVER['REMOTE_ADDR'],$GLOBALS['user']->id,'0')) {
+ if (!Access::check_network('network',$GLOBALS['user']->id,'0')) {
debug_event('downsample','Network Downsample ' . $_SERVER['REMOTE_ADDR'] . ' is not in Local definition','5');
$not_local = true;
}
diff --git a/server/xml.server.php b/server/xml.server.php
index 2b6aa883..a98c76ac 100644
--- a/server/xml.server.php
+++ b/server/xml.server.php
@@ -61,7 +61,7 @@ $session = vauth::get_session_data($_REQUEST['auth']);
$username = ($_REQUEST['action'] == 'handshake') ? $_REQUEST['user'] : $session['username'];
-if (!Access::check_network('init-api',$_SERVER['REMOTE_ADDR'],$username,'5')) {
+if (!Access::check_network('init-api',$username,'5')) {
debug_event('Access Denied','Unathorized access attempt to API [' . $_SERVER['REMOTE_ADDR'] . ']', '3');
ob_end_clean();
echo xmlData::error('403','ACL Error');
diff --git a/server/xmlrpc.server.php b/server/xmlrpc.server.php
index ab6d9e3c..7b0510a8 100644
--- a/server/xmlrpc.server.php
+++ b/server/xmlrpc.server.php
@@ -1,7 +1,7 @@
<?php
/*
- Copyright 2001 - 2007 Ampache.org
+ Copyright Ampache.org
All Rights Reserved
This program is free software; you can redistribute it and/or
@@ -36,7 +36,7 @@ else {
}
// ** check that the remote server has access to this catalog
-if (Access::check_network('init-rpc',$_SERVER['REMOTE_ADDR'],'','5','')) {
+if (Access::check_network('init-rpc','','5')) {
// Define an array of classes we need to pull from for the
$classes = array('xmlRpcServer');
generated by cgit (git 2.34.1) at 2025-08-14 01:54:22 +0000