diff options
| -rw-r--r-- | amp-mpd.php | 2 | ||||
| -rwxr-xr-x | docs/CHANGELOG | 18 | ||||
| -rw-r--r-- | lib/class/album.class.php | 1 | ||||
| -rw-r--r-- | lib/class/playlist.class.php | 30 | ||||
| -rw-r--r-- | lib/class/user.class.php | 2 | ||||
| -rw-r--r-- | modules/init.php | 2 | ||||
| -rw-r--r-- | modules/lib.php | 2 | ||||
| -rw-r--r-- | playlist.php | 41 | ||||
| -rw-r--r-- | templates/show_album_art.inc.php | 42 | ||||
| -rw-r--r-- | templates/show_playlist_box.inc.php | 20 |
10 files changed, 100 insertions, 60 deletions
diff --git a/amp-mpd.php b/amp-mpd.php index f1a27656..1a95f331 100644 --- a/amp-mpd.php +++ b/amp-mpd.php @@ -169,7 +169,7 @@ if (is_object($myMpd)) { $playlist = new Playlist($pl_id); if( $pl_id == 0 ) { // new playlist $playlist_name = _("New Playlist") . " - " . date("m/j/y, g:i a"); - $playlist->create_playlist($playlist_name, $user->username, 'private'); + $playlist->create($playlist_name, $user->username, 'private'); $pl_id = $playlist->id; } diff --git a/docs/CHANGELOG b/docs/CHANGELOG index 4c748a3c..ca273bf5 100755 --- a/docs/CHANGELOG +++ b/docs/CHANGELOG @@ -4,18 +4,26 @@ -------------------------------------------------------------------------- v.3.3.2-Beta1 + - Fixed bug where you couldn't delete admin users because of an + overzelous permission check + - Fixed Search Album art page so it correctly shows results + (Thx nhorlock) + - Fixed stylesheet so all old Themes work again (Thx Sigger) + - Added Normalize Tracks function to playlist which makes track + numbers contiguous + - Fixed ordering on Playlists under new code - Added the Import From File action for playlists back. The link was just missing - Fixed SQL errors with Windows + Mysql5.x songs with empty genres, are now given a Unknown genre value (Thx WarrenG) - Rewrote entire Playlist class and document to use the new id field in database, also added support for playlist tracks - that are based on search critera. + that are based on search criteria. - Fixed Album Art Search so that it doesn't include the artist if there is more then one artist on the album - Fixed Registration code so that it used existing functions and added default to off config option for captcha because - its hard to detect compatiblity + its hard to detect compatibility - Fixed some logic errors in Downsampling code - Updated Registration code (Thx pb1dft) - Updated GetId3() Library to v.1.7.5 @@ -26,12 +34,12 @@ - Fixed Typo in Amazon Search debug statement - Added sort_files.php.inc to /bin - Fixed Ratings designation mistake and added it to artist view - - Fixed location detection for contextual titls and browse + - Fixed location detection for contextual titles and browse on the simple menu's (Thx SoundOfEmotion) - Fixed a botched change to the database (No Data loss!) but I still feel stupid (Blame Vollmer) - - Fixed a problem where .flac files wouldn't get reconized by - the regular expresison that pulls in files from m3u's + - Fixed a problem where .flac files wouldn't get recognized by + the regular expression that pulls in files from m3u's (Thx nhorlock) - Fixed a logic problem with the rating system where it would show a star for the 0 value when it should always show diff --git a/lib/class/album.class.php b/lib/class/album.class.php index 86ef3af4..e6354bd4 100644 --- a/lib/class/album.class.php +++ b/lib/class/album.class.php @@ -477,7 +477,6 @@ class Album { continue; } -// $snoopy->fetch($results[$key]); $data['url'] = $result[$key]; $data['mime'] = $mime; diff --git a/lib/class/playlist.class.php b/lib/class/playlist.class.php index f0ef69ff..c89ac420 100644 --- a/lib/class/playlist.class.php +++ b/lib/class/playlist.class.php @@ -92,7 +92,7 @@ class Playlist { */ function get_items() { - $sql = "SELECT * FROM playlist_data WHERE playlist='" . sql_escape($this->id) . "'"; + $sql = "SELECT * FROM playlist_data WHERE playlist='" . sql_escape($this->id) . "' ORDER BY track"; $db_results = mysql_query($sql, dbh()); while ($r = mysql_fetch_assoc($db_results)) { @@ -198,6 +198,34 @@ class Playlist { } // get_song_count /** + * has_access + * This takes no arguments. It looks at the currently logged in user (_SESSION) + * This accounts for admin powers and the access on a per list basis + */ + function has_access() { + + if (!$GLOBALS['user']->has_access(25)) { return false; } + + /* If they are a full admin, then they always get rights */ + if ($GLOBALS['user']->has_access(100)) { return true; } + + if ($this->user == $GLOBALS['user']->username) { return true; } + + /* Check the Playlist_permission table */ + $sql = "SELECT id FROM playlist_permission WHERE " . + "playlist='" . sql_escape($this->id) . "' AND userid='" . sql_escape($GLOBALS['user']->username) . "'" . + " AND level >= '25'"; + $db_results = mysql_query($sql, dbh()); + + $results = mysql_fetch_row($db_results); + + if ($results) { return true; } + + return false; + + } // has_access + + /** * update_type * This updates the playlist type, it calls the generic update_item function */ diff --git a/lib/class/user.class.php b/lib/class/user.class.php index 5a7fc306..2df961e9 100644 --- a/lib/class/user.class.php +++ b/lib/class/user.class.php @@ -723,7 +723,7 @@ class User { admin */ if ($this->has_access(100)) { - $sql = "SELECT * FROM user WHERE (level='admin' OR level='100') AND username!='" . $this->username . "'"; + $sql = "SELECT username FROM user WHERE (access='admin' OR access='100') AND username !='" . sql_escape($this->username) . "'"; $db_results = mysql_query($sql, dbh()); if (!mysql_num_rows($db_results)) { return false; diff --git a/modules/init.php b/modules/init.php index be83fa00..500a913d 100644 --- a/modules/init.php +++ b/modules/init.php @@ -83,7 +83,7 @@ if (!$results['conf']['allow_stream_playback']) { $results['conf']['raw_web_path'] = $results['conf']['web_path']; $results['conf']['web_path'] = $http_type . $_SERVER['HTTP_HOST'] . $results['conf']['web_path']; -$results['conf']['version'] = '3.3.2-Beta1 (Build 002)'; +$results['conf']['version'] = '3.3.2-Beta1 (Build 003)'; $results['conf']['catalog_file_pattern']= 'mp3|mpc|m4p|m4a|mp4|aac|ogg|rm|wma|asf|flac|spx'; $results['libglue']['local_table'] = 'session'; $results['libglue']['local_sid'] = 'id'; diff --git a/modules/lib.php b/modules/lib.php index e0e739cc..f35efcc6 100644 --- a/modules/lib.php +++ b/modules/lib.php @@ -102,7 +102,7 @@ function delete_user_stats ($user) { function insert_flagged_song($song, $reason, $comment) { - $user = $_SESSION['userdata']['id']; + $user = $_SESSION['userdata']['username']; $time = time(); $sql = "INSERT INTO flagged (user,song,type,comment,date)" . " VALUES ('$user','$song', '$reason', '$comment', '$time')"; diff --git a/playlist.php b/playlist.php index 64be7f7e..5537867e 100644 --- a/playlist.php +++ b/playlist.php @@ -37,7 +37,7 @@ $playlist = new Playlist(scrub_in($_REQUEST['playlist_id'])); switch ($action) { case 'delete_playlist': /* Make sure they have the rights */ - if (!$GLOBALS['user']->has_access(100) AND $GLOBALS['user']->username != $playlist->user) { + if (!$playlist->has_access()) { access_denied(); break; } @@ -47,7 +47,7 @@ switch ($action) { break; case 'show_delete_playlist': /* Make sure they have the rights */ - if (!$GLOBALS['user']->has_access(100) AND $GLOBALS['user']->username != $playlist->user) { + if (!$playlist->has_access()) { access_denied(); break; } @@ -58,18 +58,18 @@ switch ($action) { break; case 'add_to': case 'add to': - /* Check to make sure they've got rights */ - if (!$GLOBALS['user']->has_access(25)) { - access_denied(); - break; - } /* If we don't already have a playlist */ - if (!$playlist->id) { + if (!$playlist->id && $GLOBALS['user']->has_access(25)) { $playlist_name = _('New Playlist') . " - " . date('m/j/y, g:i a'); $id = $playlist->create($playlist_name, 'private'); $playlist = new Playlist($id); } + if (!$playlist->has_access()) { + access_denied(); + break; + } + /* Must be admin or person who created this playlist */ if ($GLOBALS['user']->username != $playlist->user && !$GLOBALS['user']->has_access(100)) { access_denied(); @@ -89,7 +89,7 @@ switch ($action) { break; case 'add_dyn_song': /* Check Rights */ - if (!$GLOBALS['user']->has_access(100) && $GLOBALS['user']->username != $playlist->username) { + if (!$playlist->has_access()) { access_denied(); break; } @@ -120,7 +120,7 @@ switch ($action) { case 'remove_song': case _('Remote Selected Tracks'): /* Check em for rights */ - if (!$GLOBALS['user']->has_access(100) && $GLOBALS['user']->username != $playlist->user) { + if (!$playlist->has_access) { access_denied(); break; } @@ -129,7 +129,7 @@ switch ($action) { break; case 'update': /* Make sure they've got thems rights */ - if (!$GLOBALS['user']->has_access(100) && $GLOBALS['user']->username != $playlist->user) { + if (!$playlist->has_access()) { access_denied(); break; } @@ -138,10 +138,6 @@ switch ($action) { $playlist->update_name($_REQUEST['new_playlist_name']); show_confirmation(_('Playlist Updated'),$playlist_name . ' (' . $playlist_type . ') ' . _(' has been updated'),'playlist.php?action=show_playlist&playlist_id=' . $playlist->id); break; - //FIXME: WTF Mate? - case _('Update Selected'): - - break; case 'show_playlist': show_playlist($playlist); break; @@ -150,7 +146,7 @@ switch ($action) { break; case 'set_track_numbers': /* Make sure they have permission */ - if (!$GLOBALS['user']->has_access(100) && $GLOBALS['user']->username != $playlist->user) { + if (!$playlist->has_access()) { access_denied(); break; } @@ -164,6 +160,19 @@ switch ($action) { show_playlist($playlist); break; + case 'normalize_tracks': + /* Make sure they have permission */ + if (!$playlist->has_access()) { + access_denied(); + break; + } + + /* Normalize the tracks */ + $playlist->normalize_tracks(); + + /* Show our wonderful work */ + show_playlist($playlist); + break; default: show_playlists(); break; diff --git a/templates/show_album_art.inc.php b/templates/show_album_art.inc.php index c02b8b52..78ff1fb3 100644 --- a/templates/show_album_art.inc.php +++ b/templates/show_album_art.inc.php @@ -22,51 +22,35 @@ // Gotta do some math here! $total_images = count($images); +$rows = floor($total_images/3); -$rows = floor($total_images/6); -$spare = $total_images - ($rows * 6); $i = 0; ?> <table class="text-box"> +<tr> <?php while ($i <= $rows) { - $images[$i]; - $ii = $i+1; - $iii = $i+2; + $j=0; + while ($j < 3) { + $key = $i*3+$j; + if (!isset($images[$key])) { echo "<td> </td>\n"; } + else { ?> - <tr> <td align="center"> - <a href="<?php echo $images[$i]['url']; ?>" target="_blank"> - <img src="<?php echo scrub_out($images[$i]['url']); ?>" border="0" height="175" width="175" /><br /> + <a href="<?php echo $images[$key]['url']; ?>" target="_blank"> + <img src="<?php echo scrub_out($images[$key]['url']); ?>" border="0" height="175" width="175" /><br /> </a> <p align="center"> [<a href="<?php echo conf('web_path'); ?>/albums.php?action=select_art&image=<?php echo $i; ?>&album_id=<?php echo urlencode($_REQUEST['album_id']); ?>">Select</a>] </p> </td> - <td align="center"> - <?php if (isset($images[$ii])) { ?> - <a href="<?php echo $images[$ii]['url']; ?>" target="_blank"> - <img src="<?php echo scrub_out($images[$ii]['url']); ?>" border="0" height="175" width="175" /><br /> - </a> - <p align="center"> - [<a href="<?php echo conf('web_path'); ?>/albums.php?action=select_art&image=<?php echo $ii; ?>&album_id=<?php echo urlencode($_REQUEST['album_id']); ?>">Select</a>] - </p> - <?php } ?> - </td> - <td align="center"> - <?php if (isset($images[$iii])) { ?> - <a href="<?php echo $images[$iii]['url']; ?>" target="_blank"> - <img src="<?php echo scrub_out($images[$iii]['url']); ?>" border="0" height="175" width="175" /><br /> - </a> - <p align="center"> - [<a href="<?php echo conf('web_path'); ?>/albums.php?action=select_art&image=<?php echo $iii; ?>&album_id=<?php echo urlencode($_REQUEST['album_id']); ?>">Select</a>] - </p> - <?php } ?> - </td> - </tr> <?php + } // end else + $j++; + } // end while cells + echo "</tr>\n<tr>"; $i++; } // end while ?> diff --git a/templates/show_playlist_box.inc.php b/templates/show_playlist_box.inc.php index ee9f314c..cc67bd6a 100644 --- a/templates/show_playlist_box.inc.php +++ b/templates/show_playlist_box.inc.php @@ -19,13 +19,25 @@ Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ +/** + * Playlist Box + * This box is used for actions on the main screen and on a specific playlist page + * It changes depending on where it is + */ + +$web_path = conf('web_path'); ?> <table class="text-box"> <tr><td> - <span class="header1"><?php echo _('Playlist Actions'); ?></span><br /> - <a href="<?php echo conf('web_path'); ?>/playlist.php?action=new"><?php echo _('Create New Playlist'); ?></a><br /> - <a href="<?php echo conf('web_path'); ?>/playlist.php"><?php echo _('View All Playlists'); ?></a><br /> - <a href="<?php echo conf('web_path'); ?>/playlist.php?action=show_import_playlist"><?php echo _('Import From File'); ?></a><br /> + <span class="header1"><?php echo _('Playlist Actions'); ?></span><br /><br /> + <a href="<?php echo $web_path; ?>/playlist.php?action=new"><?php echo _('Create New Playlist'); ?></a><br /> + <a href="<?php echo $web_path; ?>/playlist.php"><?php echo _('View All Playlists'); ?></a><br /> + <a href="<?php echo $web_path; ?>/playlist.php?action=show_import_playlist"><?php echo _('Import From File'); ?></a><br /> + <?php if ($_REQUEST['playlist_id']) { ?> + <a href="<?php echo $web_path; ?>/playlist.php?action=normalize_tracks"><?php echo _('Normalize Tracks'); ?></a><br /> + <a href="<?php echo $web_path; ?>/song.php?action=play_selected&playlist_id=<?php echo $_REQUEST['playlist_id']; ?>"><?php echo _('Play This Playlist'); ?></a><br /> + <?php } ?> </td></tr> </table> +<br /> |