-rw-r--r--admin/access.php2
-rw-r--r--admin/catalog.php2
-rw-r--r--admin/users.php32
-rwxr-xr-xdocs/CHANGELOG2
-rw-r--r--lib/class/access.class.php11
-rw-r--r--lib/class/preference.class.php28
-rw-r--r--lib/preferences.php2
-rw-r--r--preferences.php19
-rw-r--r--server/random.ajax.php12
-rw-r--r--templates/show_preference_box.inc.php2
-rw-r--r--templates/show_user_preferences.inc.php59
-rw-r--r--templates/show_users.inc.php3
12 files changed, 138 insertions, 36 deletions
diff --git a/admin/access.php b/admin/access.php
index c96d0362..f9c73def 100644
--- a/admin/access.php
+++ b/admin/access.php
@@ -21,7 +21,7 @@
require '../lib/init.php';
-if (!$GLOBALS['user']->has_access(100) || Config::get('demo_mode')) {
+if (!Access::check('interface','100')) {
access_denied();
exit();
}
diff --git a/admin/catalog.php b/admin/catalog.php
index 90934875..64a09333 100644
--- a/admin/catalog.php
+++ b/admin/catalog.php
@@ -21,7 +21,7 @@
require_once '../lib/init.php';
-if (!$GLOBALS['user']->has_access(100)) {
+if (!Access::check('interface','100')) {
access_denied();
exit;
}
diff --git a/admin/users.php b/admin/users.php
index a3adeb5f..4c505100 100644
--- a/admin/users.php
+++ b/admin/users.php
@@ -20,13 +20,12 @@
*/
require_once '../lib/init.php';
-if (!$GLOBALS['user']->has_access(100)) {
+
+if (!Access::check('interface','100')) {
access_denied();
exit();
}
-$user_id = scrub_in($_REQUEST['user_id']);
-
show_header();
// Switch on the actions
@@ -181,30 +180,15 @@ switch ($_REQUEST['action']) {
if (Config::get('demo_mode')) { break; }
require_once Config::get('prefix') . '/templates/show_add_user.inc.php';
break;
- case 'show_inactive':
- $view = new View();
- $view->import_session_view();
-
- // If we are returning
- if ($_REQUEST['keep_view']) {
- $view->initialize();
- }
- else {
-
- $inactive = time() - ($_REQUEST['days'] * 24 * 60 *60);
-
- $sql = "SELECT `id`,`last_seen` FROM `user` where last_seen <= $inactive";
- $db_results = mysql_query($sql,dbh());
- $total_items = mysql_num_rows($db_results);
- $view = new View($sql,'admin/users.php','fullname',$total_items,$user->prefs['offset_limit']);
- }
-
- $users = get_users($view->sql);
- require_once(conf('prefix') . '/templates/show_users.inc.php');
-
+ case 'show_preferences':
+ $client = new User($_REQUEST['user_id']);
+ $preferences = Preference::get_all($client->id);
+ require_once Config::get('prefix') . '/templates/show_user_preferences.inc.php';
break;
default:
Browse::set_type('user');
+ Browse::set_simple_browse(1);
+ Browse::set_sort('name','ASC');
$user_ids = Browse::get_objects();
Browse::show_objects($user_ids);
break;
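Review bot: In the new `show_preferences` case, `$_REQUEST['user_id']` goes straight into `new User(...)` and the template is rendered whether or not that user exists. How the User constructor treats a non-numeric or unknown id is not visible here, so a guard after construction would be safer, for example `if (!$client->id) { break; }` before the call to `Preference::get_all()`. The enclosing switch starts and ends outside this hunk.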
diff --git a/docs/CHANGELOG b/docs/CHANGELOG
index 95ec6f89..b8b0ec77 100755
--- a/docs/CHANGELOG
+++ b/docs/CHANGELOG
@@ -4,6 +4,8 @@
--------------------------------------------------------------------------
v.3.4-Alpha4
+ - Fixed a bug with Random Play if you had no artists/albums/playlists
+ - Fixed Admin's ability to modify other users preferences
- Added User and Manager levels to Localplay, determines what the
user in question can do
- Moved Newest * to statistics page
diff --git a/lib/class/access.class.php b/lib/class/access.class.php
index 3e8331e3..b46b248b 100644
--- a/lib/class/access.class.php
+++ b/lib/class/access.class.php
@@ -222,6 +222,8 @@ class Access {
*/
public static function check($type,$level) {
+ if (!Config::get('use_auth') || Config::get('demo_mode')) { return true; }
+
$level = intval($level);
// Switch on the type
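Review bot: The new early return `if (!Config::get('use_auth') || Config::get('demo_mode')) { return true; }` makes every `Access::check()` succeed whenever demo_mode is on, for every type and level. The condition this commit replaces in admin/access.php denied access when demo_mode was set, so that gate flips from deny to allow. The new `admin_update_preferences` case in preferences.php and the `show_preferences` case in admin/users.php are likewise open to any demo-mode visitor. If demo mode is meant to restrict rather than grant, keep only the auth bypass here, `if (!Config::get('use_auth')) { return true; }`, and let the callers that must stay closed test `Config::get('demo_mode')` themselves. The rest of check() lies outside this hunk.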
@@ -235,6 +237,15 @@ class Access {
return false;
}
break;
+ case 'interface':
+ // Check their standard user level
+ if ($GLOBALS['user']->access >= $level) {
+ return true;
+ }
+ else {
+ return false;
+ }
+ break;
default:
return false;
break;
diff --git a/lib/class/preference.class.php b/lib/class/preference.class.php
index e2dc57d5..d4841483 100644
--- a/lib/class/preference.class.php
+++ b/lib/class/preference.class.php
@@ -148,7 +148,33 @@ class Preference {
return $results;
} // get_catagories
-
+
+ /**
+ * get_all
+ * This returns a nice flat array of all of the possible preferences for the specified user
+ */
+ public static function get_all($user_id) {
+
+ $user_id = Dba::escape($user_id);
+
+ if ($user_id != '-1') {
+ $user_limit = "AND `preference`.`catagory` != 'system'";
+ }
+
+ $sql = "SELECT `preference`.`name`,`preference`.`description`,`user_preference`.`value` FROM `preference` " .
+ " INNER JOIN `user_preference` ON `user_preference`.`preference`=`preference`.`id` " .
+ " WHERE `user_preference`.`user`='$user_id' AND `preference`.`catagory` != 'internal' $user_limit";
+ $db_results = Dba::query($sql);
+
+ $results = array();
+
+ while ($row = Dba::fetch_assoc($db_results)) {
+ $results[] = array('name'=>$row['name'],'level'=>$row['level'],'description'=>$row['description'],'value'=>$row['value']);
+ }
+
+ return $results;
+
+ } // get_all
/**
* insert
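Review bot: `get_all()` reads `$row['level']`, but the SELECT returns only `name`, `description` and `value`, so the `level` entry of every result is always empty. Either add the column to the query (presumably `preference.level`, if the table has one) or drop the key from the result array. `$user_limit` is assigned only when `$user_id != '-1'`, so the `-1` call interpolates an undefined variable; `$user_limit = '';` before the `if` fixes that. The query is built by concatenation and depends on `Dba::escape()` plus the surrounding quotes to keep `$user_id` inert, which deserves a one-line comment above `$sql` so a later edit does not drop either half.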
diff --git a/lib/preferences.php b/lib/preferences.php
index 6a5b2bd5..45e12bbb 100644
--- a/lib/preferences.php
+++ b/lib/preferences.php
@@ -82,7 +82,7 @@ function update_preferences($pref_id=0) {
/* Run the update for this preference only if it's set */
if (isset($_REQUEST[$name])) {
- update_preference($pref_id,$name,$id,$value);
+ Preference::update($id,$pref_id,$value);
}
} // end foreach preferences
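Review bot: The replaced call changes both the callee and the argument order, and nothing in this hunk shows the signature of `Preference::update()`, so the order `($id,$pref_id,$value)` should be checked against it. The enclosing function's parameter is named `$pref_id`, although preferences.php in this commit passes `$_REQUEST['user_id']` into it. A comment above the call such as `// $pref_id carries the target user's id here` would stop the name from misleading the next reader, if that is indeed the mapping. update_preferences() begins and ends outside the hunk.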
diff --git a/preferences.php b/preferences.php
index fde2f491..35558773 100644
--- a/preferences.php
+++ b/preferences.php
@@ -24,7 +24,7 @@ require 'lib/init.php';
// Switch on the action
switch($_REQUEST['action']) {
case 'update_preferences':
- if (($_REQUEST['method'] == 'admin' OR $_REQUEST['method'] == 'user') && !$GLOBALS['user']->has_access('100')) {
+ if ($_REQUEST['method'] == 'admin' && !Access::check('interface','100')) {
access_denied();
exit;
}
@@ -35,11 +35,6 @@ switch($_REQUEST['action']) {
$fullname = _('Server');
$_REQUEST['action'] = 'admin';
}
- elseif ($_REQUEST['method'] == 'user') {
- $user_id = $_REQUEST['user_id'];
- $client = new User($user_id);
- $fullname = $client->fullname;
- }
else {
$user_id = $GLOBALS['user']->id;
$fullname = $GLOBALS['user']->fullname;
@@ -51,9 +46,19 @@ switch($_REQUEST['action']) {
$preferences = $GLOBALS['user']->get_preferences($user_id,$_REQUEST['tab']);
break;
+ case 'admin_update_preferences':
+ // Make sure only admins here
+ if (!Access::check('interface','100')) {
+ access_denied();
+ exit;
+ }
+
+ update_preferences($_REQUEST['user_id']);
+ header("Location: " . Config::get('web_path') . "/admin/users.php?action=show_preferences&user_id=" . scrub_out($_REQUEST['user_id']));
+ break;
case 'admin':
// Make sure only admins here
- if (!$GLOBALS['user']->has_access('100')) {
+ if (!Access::check('interface','100')) {
access_denied();
exit;
}
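Review bot: The new `admin_update_preferences` case sends the `Location` header and then reaches `break`, so the script keeps executing whatever follows the switch; an `exit;` right after `header()` ends the request cleanly. The user id in the redirect URL goes through `scrub_out()`, which looks like an HTML-output helper rather than a URL encoder; `rawurlencode($_REQUEST['user_id'])` or an integer cast fits a query string better. This case changes another user's settings and reads its input from `$_REQUEST`. No request token is checked in the visible lines, so unless lib/init.php enforces one, the update can be triggered cross-site from an admin's browser, including by GET. The switch continues outside the hunk.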
diff --git a/server/random.ajax.php b/server/random.ajax.php
index 70429e09..269a6ec6 100644
--- a/server/random.ajax.php
+++ b/server/random.ajax.php
@@ -27,6 +27,10 @@ if (AJAX_INCLUDE != '1') { exit; }
switch ($_REQUEST['action']) {
case 'album':
$album_id = Random::album();
+
+ // If we don't get anything stop
+ if (!$album_id) { break; }
+
$album = new Album($album_id);
$songs = $album->get_songs();
foreach ($songs as $song_id) {
@@ -36,6 +40,10 @@ switch ($_REQUEST['action']) {
break;
case 'artist':
$artist_id = Random::artist();
+
+ // If we don't get anything stop
+ if (!$artist_id) { break; }
+
$artist = new Artist($artist_id);
$songs = $artist->get_songs();
foreach ($songs as $song_id) {
@@ -45,6 +53,10 @@ switch ($_REQUEST['action']) {
break;
case 'playlist':
$playlist_id = Random::playlist();
+
+ // If we don't get any results stop right here!
+ if (!$playlist_id) { break; }
+
$playlist = new Playlist($playlist_id);
$items = $playlist->get_items();
foreach ($items as $item) {
diff --git a/templates/show_preference_box.inc.php b/templates/show_preference_box.inc.php
index c70f48d0..8d4fcb15 100644
--- a/templates/show_preference_box.inc.php
+++ b/templates/show_preference_box.inc.php
@@ -22,7 +22,7 @@
/* I'm cheating a little here, check to see if we want to show the
* Apply to All button on this page
*/
-if (($GLOBALS['user']->has_access(100) OR !Config::get('use_auth')) AND $_REQUEST['action'] == 'admin') {
+if ((Access::check('interface','100') OR !Config::get('use_auth')) AND $_REQUEST['action'] == 'admin') {
$is_admin = true;
}
?>
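Review bot: The `OR !Config::get('use_auth')` clause in this condition is now redundant, because the early return this commit adds to `Access::check()` already yields true when auth is off. The condition can be reduced to `if (Access::check('interface','100') AND $_REQUEST['action'] == 'admin') {`. `$is_admin` is assigned only inside the `if`, so unless it is initialised outside this hunk the template reads an unset variable for everyone else; `$is_admin = false;` before the `if` would make that explicit.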
diff --git a/templates/show_user_preferences.inc.php b/templates/show_user_preferences.inc.php
new file mode 100644
index 00000000..23670067
--- /dev/null
+++ b/templates/show_user_preferences.inc.php
@@ -0,0 +1,59 @@
+<?php
+/*
+
+ Copyright (c) 2001 - 2007 Ampache.org
+ All rights reserved
+
+ This program is free software; you can redistribute it and/or
+ modify it under the terms of the GNU General Public License v2
+ as published by the Free Software Foundation.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
+
+*/
+
+/**
+ * This page has a few tabs, as such we need to figure out which tab we are on
+ * and display the information accordingly
+ */
+
+?>
+<?php show_box_top(_('Editing') . ' ' . $client->fullname . ' ' . _('preferences'),'box box_preferences'); ?>
+<form method="post" name="preferences" action="<?php echo Config::get('web_path'); ?>/preferences.php?action=admin_update_preferences" enctype="multipart/form-data">
+<table class="tabledata" cellspacing="0">
+<colgroup>
+ <col id="col_preference" />
+ <col id="col_value" />
+</colgroup>
+<tr class="th-top">
+ <th class="col_preference"><?php echo _('Preference'); ?></th>
+ <th class="col_value"><?php echo _('Value'); ?></th>
+</tr>
+<?php foreach ($preferences as $pref) { ?>
+ <tr class="<?php echo flip_class(); ?>">
+ <td class="cel_preference"><?php echo _($pref['description']); ?></td>
+ <td class="cel_value">
+ <?php create_preference_input($pref['name'], $pref['value']); ?>
+ </td>
+ </tr>
+<?php } // End foreach ($preferences['prefs'] as $pref) ?>
+<tr>
+ <td>
+ <div class="formValidation">
+ <input class="button" type="submit" value="<?php echo _('Update Preferences'); ?>" />
+ <input type="hidden" name="user_id" value="<?php echo scrub_out($_REQUEST['user_id']); ?>" />
+ </div>
+ </td>
+ <td>&nbsp;</td>
+</tr>
+</table>
+</form>
+
+<?php show_box_bottom(); ?>
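Review bot: The box title concatenates `$client->fullname` into `show_box_top()` without escaping. Whether that helper escapes its argument is not visible and a full name is typically user-editable, so wrap it as `scrub_out($client->fullname)` unless the helper already does. The hidden `user_id` field echoes the request value back; using `$client->id`, the id of the user object actually loaded, keeps the form tied to the record being shown. The form carries no anti-forgery token in the visible markup. The header comment about tabs and the `$preferences['prefs']` end-of-loop comment do not describe this template and should be corrected.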
diff --git a/templates/show_users.inc.php b/templates/show_users.inc.php
index a27963ab..797c0b16 100644
--- a/templates/show_users.inc.php
+++ b/templates/show_users.inc.php
@@ -73,6 +73,9 @@ foreach ($object_ids as $user_id) {
<a href="<?php echo $web_path; ?>/admin/users.php?action=show_edit&amp;user_id=<?php echo $client->id; ?>">
<?php echo get_user_icon('edit'); ?>
</a>
+ <a href="<?php echo $web_path; ?>/admin/users.php?action=show_preferences&amp;user_id=<?php echo $client->id; ?>">
+ <?php echo get_user_icon('preferences'); ?>
+ </a>
<?php
//FIXME: Fix this for the extra permission levels
if ($client->disabled == '1') {