diff options
| -rwxr-xr-x | docs/CHANGELOG | 4 | ||||
| -rw-r--r-- | lib/class/playlist.class.php | 2 | ||||
| -rw-r--r-- | lib/class/preference.class.php | 80 | ||||
| -rw-r--r-- | lib/class/random.class.php | 121 | ||||
| -rw-r--r-- | lib/class/stream.class.php | 13 | ||||
| -rw-r--r-- | lib/class/user.class.php | 59 | ||||
| -rw-r--r-- | lib/init.php | 2 | ||||
| -rw-r--r-- | lib/preferences.php | 132 | ||||
| -rw-r--r-- | login.php | 4 | ||||
| -rw-r--r-- | preferences.php | 2 | ||||
| -rw-r--r-- | stream.php | 7 | ||||
| -rw-r--r-- | templates/header.inc.php | 2 | ||||
| -rw-r--r-- | templates/sidebar_localplay.inc.php | 1 |
13 files changed, 183 insertions, 246 deletions
diff --git a/docs/CHANGELOG b/docs/CHANGELOG index e5fbc2ec..9204bb9b 100755 --- a/docs/CHANGELOG +++ b/docs/CHANGELOG @@ -4,6 +4,10 @@ -------------------------------------------------------------------------- v.3.4-Alpha4 + - Added Highest Rated option to Advanced Random + - Fixed incorrect mime type being set on ASX playlists + - Fixed problem where you couldn't change playlist type + (Thx Karl Hungus) - Fixed potential issue with display on some preferences - Added Length to Advanced Random and removed Minutes from methods - Added function exists check for session with redirect to /test.php diff --git a/lib/class/playlist.class.php b/lib/class/playlist.class.php index 4018dd43..8310219c 100644 --- a/lib/class/playlist.class.php +++ b/lib/class/playlist.class.php @@ -493,7 +493,7 @@ class Playlist { $id = Dba::escape($this->id); $sql = "DELETE FROM `playlist_data` WHERE `playlist` = '$id'"; - $db_results = Dba::query($sq); + $db_results = Dba::query($sql); $sql = "DELETE FROM `playlist` WHERE `id`='$id'"; $db_results = Dba::query($sql); diff --git a/lib/class/preference.class.php b/lib/class/preference.class.php index d4841483..71b714fc 100644 --- a/lib/class/preference.class.php +++ b/lib/class/preference.class.php @@ -70,6 +70,38 @@ class Preference { } // update /** + * update_level + * This takes a preference ID and updates the level required to update it (performed by an admin) + */ + public static function update_level($preference_id,$level) { + + $preference_id = Dba::escape($preference_id); + $level = Dba::escape($level); + + $sql = "UPDATE `preference` SET `level`='$level' WHERE `id`='$preference_id'"; + $db_results = Dba::query($sql); + + return true; + + } // update_level + + /** + * update_all + * This takes a preference id and a value and updates all users with the new info + */ + public static function update_all($preference_id,$value) { + + $preference_id = Dba::escape($preference_id); + $value = Dba::escape($value); + + $sql = "UPDATE `user_preference` SET `value`='$value' WHERE `preference`='$preference_id'"; + $db_results = Dba::query($sql); + + return true; + + } // update_all + + /** * has_access * This checks to see if the current user has access to modify this preference * as defined by the preference name @@ -264,5 +296,53 @@ class Preference { } // fix_preferences + /** + * init + * This grabs the preferences and then loads them into conf it should be run on page load + * to initialize the needed variables + */ + public static function init() { + + /* Get Global Preferences */ + $sql = "SELECT preference.name,user_preference.value FROM preference,user_preference WHERE user_preference.user='-1' " . + " AND user_preference.preference = preference.id AND preference.catagory='system'"; + $db_results = Dba::query($sql); + + while ($r = Dba::fetch_assoc($db_results)) { + $name = $r['name']; + $results[$name] = $r['value']; + } // end while sys prefs + + /* Now we need to allow the user to override some stuff that's been set by the above */ + $user_id = '-1'; + if ($GLOBALS['user']->username) { + $user_id = Dba::escape($GLOBALS['user']->id); + } + + $sql = "SELECT preference.name,user_preference.value FROM preference,user_preference WHERE user_preference.user='$user_id' " . + " AND user_preference.preference = preference.id AND preference.catagory != 'system'"; + $db_results = Dba::query($sql); + + while ($r = Dba::fetch_assoc($db_results)) { + $name = $r['name']; + $results[$name] = $r['value']; + } // end while + + /* Set the Theme mojo */ + if (strlen($results['theme_name']) > 0) { + $results['theme_path'] = '/themes/' . $results['theme_name']; + } + // Default to the classic theme if we don't get anything from their + // preferenecs because we're going to want at least something otherwise + // the page is going to be really ugly + else { + $results['theme_path'] = '/themes/classic'; + } + + Config::set_by_array($results,1); + + + } // init + } // end Preference class diff --git a/lib/class/random.class.php b/lib/class/random.class.php index d46aa6e2..8a042bad 100644 --- a/lib/class/random.class.php +++ b/lib/class/random.class.php @@ -259,7 +259,7 @@ class Random { /* If they've passed -1 as limit then don't get everything */ if ($data['random'] == "-1") { unset($data['random']); } - else { $limit_sql = "LIMIT " . $limit; } + else { $limit_sql = "LIMIT " . Dba::escape($limit); } $where = "1=1 "; if (is_array($matchlist)) { @@ -279,52 +279,85 @@ class Random { } } // end foreach } // end if matchlist - - if ($data['random_type'] == 'full_album') { - $query = "SELECT `album`.`id` FROM `song` INNER JOIN `album` ON `song`.`album`=`album`.`id` " . - "WHERE $where GROUP BY `song`.`album` ORDER BY RAND() $limit_sql"; - $db_results = Dba::query($query); - while ($row = Dba::fetch_assoc($db_results)) { - $albums_where .= " OR `song`.`album`=" . $row['id']; - } - $albums_where = ltrim($albums_where," OR"); - $sql = "SELECT `song`.`id`,`song`.`size`,`song`.`time` FROM `song` WHERE $albums_where ORDER BY `song`.`album`,`song`.`track` ASC"; - - } - elseif ($data['random_type'] == 'full_artist') { - $query = "SELECT `artist`.`id` FROM `song` INNER JOIN `artist` ON `song`.`artist`=`artist`.`id` " . - "WHERE $where GROUP BY `song`.`artist` ORDER BY RAND() $limit_sql"; - $db_results = Dba::query($query); - while ($row = Dba::fetch_row($db_results)) { - $artists_where .= " OR song.artist=" . $row[0]; - } - $artists_where = ltrim($artists_where," OR"); - $sql = "SELECT song.id,song.size,song.time FROM song WHERE $artists_where ORDER BY RAND()"; - } - elseif ($data['random_type'] == 'unplayed') { - $uid = Dba::escape($GLOBALS['user']->id); - $sql = "SELECT object_id,COUNT(`id`) AS `total` FROM `object_count` WHERE `user`='$uid' GROUP BY `object_id`"; - $db_results = Dba::query($sql); - - $in_sql = "`id` IN ("; - - while ($row = Dba::fetch_assoc($db_results)) { - $in_sql .= "'" . $row['object_id'] . "',"; - } - - $in_sql = rtrim($in_sql,',') . ')'; - - $sql = "SELECT song.id,song.size,song.time FROM song " . - "WHERE ($where) AND $in_sql ORDER BY RAND() $limit_sql"; + + switch ($data['random_type']) { + case 'full_aldum': + $query = "SELECT `album`.`id` FROM `song` INNER JOIN `album` ON `song`.`album`=`album`.`id` " . + "WHERE $where GROUP BY `song`.`album` ORDER BY RAND() $limit_sql"; + $db_results = Dba::query($query); + while ($row = Dba::fetch_assoc($db_results)) { + $albums_where .= " OR `song`.`album`=" . $row['id']; + } + $albums_where = ltrim($albums_where," OR"); + $sql = "SELECT `song`.`id`,`song`.`size`,`song`.`time` FROM `song` WHERE $albums_where ORDER BY `song`.`album`,`song`.`track` ASC"; + break; + case 'full_artist': + $query = "SELECT `artist`.`id` FROM `song` INNER JOIN `artist` ON `song`.`artist`=`artist`.`id` " . + "WHERE $where GROUP BY `song`.`artist` ORDER BY RAND() $limit_sql"; + $db_results = Dba::query($query); + while ($row = Dba::fetch_row($db_results)) { + $artists_where .= " OR song.artist=" . $row[0]; + } + $artists_where = ltrim($artists_where," OR"); + $sql = "SELECT song.id,song.size,song.time FROM song WHERE $artists_where ORDER BY RAND()"; + break; + case 'unplayed': + $uid = Dba::escape($GLOBALS['user']->id); + $sql = "SELECT object_id,COUNT(`id`) AS `total` FROM `object_count` WHERE `user`='$uid' GROUP BY `object_id`"; + $db_results = Dba::query($sql); + + $in_sql = "`id` IN ("; + + while ($row = Dba::fetch_assoc($db_results)) { + $row['object_id'] = Dba::escape($row['object_id']); + $in_sql .= "'" . $row['object_id'] . "',"; + } + + $in_sql = rtrim($in_sql,',') . ')'; + + $sql = "SELECT song.id,song.size,song.time FROM song " . + "WHERE ($where) AND $in_sql ORDER BY RAND() $limit_sql"; + break; + case 'high_rating': + $sql = "SELECT `rating`.`object_id`,`rating`.`rating` FROM `rating` " . + "WHERE `rating`.`object_type`='song' ORDER BY `rating` DESC"; + $db_results = Dba::query($sql); + + // Get all of the ratings for songs + while ($row = Dba::fetch_assoc($db_results)) { + $results[$row['object_id']][] = $row['rating']; + } + // Calculate the averages + foreach ($results as $key=>$rating_array) { + $average = intval(array_sum($rating_array) / count($rating_array)); + // We have to do this because array_slice doesn't maintain indexes + $new_key = $average . $key; + $ratings[$new_key] = $key; + } + + // Sort it by the value and slice at $limit * 2 so we have a little bit of randomness + krsort($ratings); + $ratings = array_slice($ratings,0,$limit*2); + + $in_sql = "`song`.`id` IN ("; + + // Build the IN query, cause if you're OUT it ain't cool + foreach ($ratings as $song_id) { + $key = Dba::escape($song_id); + $in_sql .= "'$key',"; + } - } // If unplayed - elseif ($data['random_type'] == 'high_rating') { + $in_sql = rtrim($in_sql,',') . ')'; + // Apply true limit and order by rand + $sql = "SELECT song.id,song.size,song.time FROM song " . + "WHERE ($where) AND $in_sql ORDER BY RAND() $limit_sql"; + break; + default: + $sql = "SELECT `id`,`size`,`time` FROM `song` WHERE $where ORDER BY RAND() $limit_sql"; - } - else { - $sql = "SELECT `id`,`size`,`time` FROM `song` WHERE $where ORDER BY RAND() $limit_sql"; - } + break; + } // end switch on type of random play // Run the query generated above so we can while it $db_results = Dba::query($sql); diff --git a/lib/class/stream.class.php b/lib/class/stream.class.php index faadd2b2..18350a0e 100644 --- a/lib/class/stream.class.php +++ b/lib/class/stream.class.php @@ -300,15 +300,16 @@ class Stream { } // create_pls - /*! - @function create_asx - @discussion creates an ASZ playlist (Thx Samir Kuthiala) - */ - function create_asx() { + /** + * create_asx + * creates an ASX playlist (Thx Samir Kuthiala) This should really only be used + * if all of the content is ASF files. + */ + public function create_asx() { header("Cache-control: public"); header("Content-Disposition: filename=playlist.asx"); - header("Content-Type: video/x-ms-asf;"); + header("Content-Type: audio/x-ms-wax;"); echo "<ASX version = \"3.0\" BANNERBAR=\"AUTO\">\n"; echo "<TITLE>Ampache ASX Playlist</TITLE>"; diff --git a/lib/class/user.class.php b/lib/class/user.class.php index 97477ae7..f8d34c5c 100644 --- a/lib/class/user.class.php +++ b/lib/class/user.class.php @@ -340,65 +340,6 @@ class User { } // has_access /** - * update_preference - * updates a single preference if the query fails - * it attempts to insert the preference instead - * @package User - * @catagory Class - * @todo Do a has_preference_access check - */ - function update_preference($preference_id, $value, $user_id=0) { - - if (!has_preference_access(get_preference_name($preference_id))) { - return false; - } - - if (!$user_id) { - $user_id = $this->id; - } - - if (!conf('use_auth')) { $user_id = '-1'; } - - $value = sql_escape($value); - $preference_id = sql_escape($preference_id); - $user_id = sql_escape($user_id); - - $sql = "UPDATE user_preference SET value='$value' WHERE user='$user_id' AND preference='$preference_id'"; - - $db_results = mysql_query($sql, dbh()); - - } // update_preference - - /** - * legacy_add_preference - * adds a new preference - * @package User - * @catagory Class - * @param $key preference name - * @param $value preference value - * @param $id user is - */ - function add_preference($preference_id, $value, $username=0) { - - if (!$username) { - $username = $this->username; - } - - $value = sql_escape($value); - - if (!is_numeric($preference_id)) { - $sql = "SELECT id FROM preference WHERE `name`='$preference_id'"; - $db_results = mysql_query($sql, dbh()); - $r = mysql_fetch_array($db_results); - $preference_id = $r[0]; - } // end if it's not numeric - - $sql = "INSERT user_preference SET `user`='$username' , `value`='$value' , `preference`='$preference_id'"; - $db_results = mysql_query($sql, dbh()); - - } // add_preference - - /** * update * This function is an all encompasing update function that * calls the mini ones does all the error checking and all that diff --git a/lib/init.php b/lib/init.php index 4611e4f0..28ac53d1 100644 --- a/lib/init.php +++ b/lib/init.php @@ -231,7 +231,7 @@ else { } // Load the Preferences from the database -init_preferences(); +Preference::init(); // We need to create the tmp playlist for our user $GLOBALS['user']->load_playlist(); diff --git a/lib/preferences.php b/lib/preferences.php index 95062e37..ea77ce02 100644 --- a/lib/preferences.php +++ b/lib/preferences.php @@ -19,19 +19,6 @@ */ -/** - * clean_preference_name - * s/_/ /g & upper case first - */ -function clean_preference_name($name) { - - $name = str_replace("_"," ",$name); - $name = ucwords($name); - - return $name; - -} // clean_preference_name - /* * update_preferences * grabs the current keys that should be added @@ -101,14 +88,13 @@ function update_preference($user_id,$name,$pref_id,$value) { /* First see if they are an administrator and we are applying this to everything */ if ($GLOBALS['user']->has_access(100) AND make_bool($_REQUEST[$apply_check])) { - $sql = "UPDATE `user_preference` SET `value`='$value' WHERE `preference`='$pref_id'"; - $db_results = Dba::query($sql); + Preference::update_all($pref_id,$value); return true; } /* Check and see if they are an admin and the level def is set */ if ($GLOBALS['user']->has_access(100) AND make_bool($_REQUEST[$level_check])) { - update_preference_level($pref_id,$_REQUEST[$level_check]); + Preference::update_level($pref_id,$_REQUEST[$level_check]); } /* Else make sure that the current users has the right to do this */ @@ -123,37 +109,6 @@ function update_preference($user_id,$name,$pref_id,$value) { } // update_preference /** - * has_preference_access - * makes sure that the user has sufficient - * rights to actually set this preference, handle - * as allow all, deny X - */ -function has_preference_access($name) { - - /* If it's a demo they don't get jack */ - if (Config::get('demo_mode')) { - return false; - } - - $name = Dba::escape($name); - - /* Check Against the Database Row */ - $sql = "SELECT `level` FROM `preference` " . - "WHERE `name`='$name'"; - $db_results = Dba::query($sql); - - $data = Dba::fetch_assoc($db_results); - - if ($GLOBALS['user']->has_access($data['level'])) { - return true; - } - - return false; - -} //has_preference_access - - -/** * create_preference_input * takes the key and then creates the correct type of input for updating it */ @@ -313,87 +268,4 @@ function create_preference_input($name,$value) { } // create_preference_input -/** - * get_preference_id - * This takes the name of a preference and returns it's id this is usefull for calling - * the user classes update_preference function - * @package Preferences - * @catagory Get - */ -function get_preference_id($name) { - - $sql = "SELECT `id` FROM `preference` WHERE `name`='" . Dba::escape($name) . "'"; - $db_results =Dba::query($sql); - - $results = Dba::fetch_assoc($db_results); - - return $results['id']; - -} // get_preference_id - -/** - * init_preferences - * Third times the charm, why rename a function once when you can do it three times :( - * This grabs the preferences and then loads them into conf it should be run on page load - * to initialize the needed variables - */ -function init_preferences() { - - /* Get Global Preferences */ - $sql = "SELECT preference.name,user_preference.value FROM preference,user_preference WHERE user_preference.user='-1' " . - " AND user_preference.preference = preference.id AND preference.catagory='system'"; - $db_results = Dba::query($sql); - - while ($r = Dba::fetch_assoc($db_results)) { - $name = $r['name']; - $results[$name] = $r['value']; - } // end while sys prefs - - /* Now we need to allow the user to override some stuff that's been set by the above */ - $user_id = '-1'; - if ($GLOBALS['user']->username) { - $user_id = Dba::escape($GLOBALS['user']->id); - } - - $sql = "SELECT preference.name,user_preference.value FROM preference,user_preference WHERE user_preference.user='$user_id' " . - " AND user_preference.preference = preference.id AND preference.catagory != 'system'"; - $db_results = Dba::query($sql); - - while ($r = Dba::fetch_assoc($db_results)) { - $name = $r['name']; - $results[$name] = $r['value']; - } // end while - - /* Set the Theme mojo */ - if (strlen($results['theme_name']) > 0) { - $results['theme_path'] = '/themes/' . $results['theme_name']; - } - // Default to the classic theme if we don't get anything from their - // preferenecs because we're going to want at least something otherwise - // the page is going to be really ugly - else { - $results['theme_path'] = '/themes/classic'; - } - - Config::set_by_array($results,1); - -} // init_preferences - -/** - * update_preference_level - * This function updates the level field in the preferences table - * this has nothing to do with a users actuall preferences - */ -function update_preference_level($pref_id,$level) { - - $name = Dba::escape($pref_id); - $level = Dba::escape($level); - - $sql = "UPDATE `preference` SET `level`='$level' WHERE `id`='$pref_id'"; - $db_results = Dba::query($sql); - - return true; - -} // update_preference_level - ?> @@ -26,7 +26,7 @@ require_once 'lib/init.php'; * can't handle Cookie + Redirect */ vauth_session_cookie(); -init_preferences(); +Preference::init() /** * If Access Control is turned on then we don't @@ -124,7 +124,7 @@ if ($auth['success']) { } // Reload the Preferences from the database - init_preferences(); + Preference::init(); /* Make sure they are actually trying to get to this site and don't try to redirect them back into * an admin section diff --git a/preferences.php b/preferences.php index 35558773..8d8c584d 100644 --- a/preferences.php +++ b/preferences.php @@ -42,7 +42,7 @@ switch($_REQUEST['action']) { /* Update and reset preferences */ update_preferences($user_id); - init_preferences(); + Preference::init(); $preferences = $GLOBALS['user']->get_preferences($user_id,$_REQUEST['tab']); break; @@ -199,7 +199,12 @@ switch ($_REQUEST['method']) { $GLOBALS['user']->prefs['play_type'] = 'stream'; } default: - $stream_type = $GLOBALS['user']->prefs['play_type']; + if ($GLOBALS['user']->prefs['play_type'] == 'stream') { + $stream_type = $GLOBALS['user']->prefs['playlist_type']; + } + else { + $stream_type = $GLOBALS['user']->prefs['play_type']; + } break; } diff --git a/templates/header.inc.php b/templates/header.inc.php index 706c2f20..8899670a 100644 --- a/templates/header.inc.php +++ b/templates/header.inc.php @@ -41,7 +41,7 @@ if (Config::get('use_rss')) { ?> <link rel="alternate" type="application/rss+xml" title="Ampache Recently Played" href="<?php echo $web_path; ?>/rss.php?type=recentlyplayed" /> <?php } ?> <meta http-equiv="Content-Type" content="application/xhtml+xml; charset=<?php echo Config::get('site_charset'); ?>" /> -<title><?php echo Config::get('site_title'); ?> - <?php echo $location['title']; ?></title> +<title><?php echo scrub_out(Config::get('site_title')); ?> - <?php echo $location['title']; ?></title> <link rel="stylesheet" href="<?php echo $web_path; ?><?php echo Config::get('theme_path'); ?>/templates/default.css" type="text/css" media="screen" /> <link rel="stylesheet" href="<?php echo $web_path; ?>/templates/print.css" type="text/css" media="print" /> <link rel="stylesheet" href="<?php echo $web_path; ?>/templates/handheld.css" type="text/css" media="handheld" /> diff --git a/templates/sidebar_localplay.inc.php b/templates/sidebar_localplay.inc.php index 8bce5a2a..01c198ee 100644 --- a/templates/sidebar_localplay.inc.php +++ b/templates/sidebar_localplay.inc.php @@ -24,6 +24,7 @@ // Requires a little work.. :( $instances = $localplay->get_instances(); foreach ($instances as $uid=>$name) { + $name = scrub_out($name); $class = ''; if ($uid == $current_instance) { $class = ' class="active_instance"'; |