-rwxr-xr-x | docs/CHANGELOG | 7 | ||||
-rw-r--r-- | lib/class/access.class.php | 49 | ||||
-rw-r--r-- | lib/class/update.class.php | 33 | ||||
-rw-r--r-- | lib/init.php | 2 | ||||
-rw-r--r-- | lib/ui.lib.php | 40 | ||||
-rw-r--r-- | play/index.php | 12 | ||||
-rw-r--r-- | templates/default.css | 1 | ||||
-rw-r--r-- | templates/show_access_list.inc | 5 | ||||
-rw-r--r-- | templates/show_add_access.inc | 50 | ||||
-rw-r--r-- | templates/show_edit_access.inc | 34 |
10 files changed, 175 insertions, 58 deletions
diff --git a/docs/CHANGELOG b/docs/CHANGELOG index 55e82e5a..f1692980 100755 --- a/docs/CHANGELOG +++ b/docs/CHANGELOG @@ -4,11 +4,14 @@ -------------------------------------------------------------------------- v.3.3.2 + - Added New ACL system which allows user based ACL's and + introduces shared keys for xml-rpc communication and + local/remote network definitions for auto-downsampling - Introduced new Theming method and 'migrated' all old themes in /contrib results may vary. (Thx Ros) - Added ability to search by Rating, requires MySQL 4.0 or above - - Page headers now limited to 20 pages with [....] between top - and bottom 10. + - Page headers now limited to 30 pages with [....] between top + and bottom 15. - Added Browse by Title functionality (Thx Rubin) - Added Min Album size as preference, defaults to 0 (Thx Rubin) - Fixed a problem with the automatic registration sorting on user diff --git a/lib/class/access.class.php b/lib/class/access.class.php index 330156b7..5e664741 100644 --- a/lib/class/access.class.php +++ b/lib/class/access.class.php @@ -89,8 +89,13 @@ class Access { $start = ip2int($data['start']); $end = ip2int($data['end']); $level = sql_escape($data['level']); - - $sql = "UPDATE access_list SET start='$start', end='$end', level='$level' WHERE id='" . sql_escape($this->id) . "'"; + $user = sql_escape($data['user']); + $key = sql_escape($data['key']); + + $sql = "UPDATE access_list " . + "SET start='$start', end='$end', level='$level', user='$user' " . + "WHERE id='" . sql_escape($this->id) . "'"; + $db_results = mysql_query($sql, dbh()); return true; 
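Review bot: In the `update()` hunk of lib/class/access.class.php, `$key` is escaped but the rebuilt UPDATE never writes it, so a Remote Key changed on the edit form is silently discarded. Either add the column to the SET list (back-quoted as in `create()`, with `'$key'` as the value) or drop the unused assignment. Separately, `user='$user'` stores an empty string when the "None" option is submitted, while the new `check()` only matches such rows with `` `user` IS NULL ``, so an edited entry with no user would stop matching; write NULL when `$user` is empty. The method begins above the hunk.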
@@ -115,10 +120,12 @@ class Access { $level = intval($level); $type = $this->validate_type($type); - $sql = "INSERT INTO access_list (`name`,`level`,`start`,`end`) VALUES ". - "('$name','$level','$start','$end')"; + $sql = "INSERT INTO access_list (`name`,`level`,`start`,`end`,`key`,`user`,`type`) " . + "VALUES ('$name','$level','$start','$end','$key','$user','$type')"; $db_results = mysql_query($sql, dbh()); + return true; + } // create /*! @@ -140,7 +147,7 @@ class Access { @function check @discussion check to see if they have rights */ - function check($needed, $ip) { + function check($type,$ip,$user,$level,$key='') { // They aren't using access control // lets just keep on trucking @@ -148,9 +155,29 @@ class Access { return true; } - $ip = ip2int($ip); + // Clean incomming variables + $ip = ip2int(intval($ip)); + $user = sql_escape($user); + $key = sql_escape($key); + $level = sql_escape($level); - $sql = "SELECT id FROM access_list WHERE start<='$ip' AND end>='$ip' AND level>='$needed'"; + switch ($type) { + case 'xml-rpc': + $sql = "SELECT id FROM access_list" . + " WHERE `start` <= '$ip' AND `end` >= '$ip'" . + " AND `key` = '$key' AND `level` >= '$level'"; + break; + case 'network': + case 'interface': + case 'stream': + default: + $sql = "SELECT id FROM access_list" . + " WHERE `start` <= '$ip' AND `end` >= '$ip'" . + " AND `level` >= '$level' AND `type` = '$type'"; + if (strlen($user)) { $sql .= " AND (`user` = '$user' OR `user` IS NULL)"; } + else { $sql .= " AND `user` IS NULL"; } + break; + } // end switch on type $db_results = mysql_query($sql, dbh()); // Yah they have access they can use the mojo @@ -240,9 +267,13 @@ class Access { * Take a user and return their full name */ function get_user_name() { - + $user = new User($this->user); - return $user->name; + if ($user->username) { + return $user->fullname . " (" . $user->username . ")"; + } + + return false; } // get_user_name 
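Review bot: The new INSERT interpolates `$key` and `$user`, but neither is assigned inside this hunk, so it is not visible whether they are escaped. `update()` in the same file passes both through `sql_escape()`; please confirm `create()` does the same above the hunk, and that an empty `$user` is stored as NULL rather than `''`. The function's signature is outside the hunk.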
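Review bot: The docblock kept above the new signature still reads only "check to see if they have rights", which no longer tells a caller what the five parameters mean. It should name the accepted `$type` values (`xml-rpc`, `network`, `interface`, `stream`), say that `$level` is the minimum level required, and state when `$key` is consulted. The change from `check($needed, $ip)` is also not backward compatible; only play/index.php is updated in this commit, so any other caller still using two arguments needs checking.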
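Review bot: `ip2int(intval($ip))` truncates the dotted address before it is converted (`intval('192.168.1.10')` is 192), so the range test no longer compares the caller's real address; keep the previous `$ip = ip2int($ip);`. In the default branch `$type` is interpolated into the query unescaped, unlike `$user`, `$key` and `$level`; passing it through `$this->validate_type($type)` as `create()` does would close that. The `xml-rpc` branch also matches on the default empty `$key`, so a row saved without a key would admit a caller that sends none; rejecting an empty key before building the query is safer. The function continues past the hunk.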
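Review bot: The docblock above `get_user_name()` still says it returns the user's full name, but the method now returns `fullname (username)`, or `false` when no username is loaded. Update the comment to describe both results and to say the string is not HTML-escaped, so templates should wrap it in `scrub_out()` before printing. A caller that echoes the result directly will print an empty string for `false`; say whether that is the intended display for rows with no user.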
diff --git a/lib/class/update.class.php b/lib/class/update.class.php index ca5b4d6e..e505ea87 100644 --- a/lib/class/update.class.php +++ b/lib/class/update.class.php @@ -281,12 +281,13 @@ class Update { $version[] = array('version' => '332011','description' => $update_string); $update_string = '- Reworked All Indexes on tables, hopefully leading to performance improvements.<br />' . - '- Added live_stream table for radio station support.<br />' . '- Added id int(11) UNSIGNED fields to a few tables missing it.<br />' . '- Removed DB Based color/font preferences and Theme preferences catagory.<br />'; $version[] = array('version' => '332012','description' => $update_string); + $update_string = '- Added live_stream table for radio station support.<br />'; + return $version; @@ -1643,17 +1644,6 @@ class Update { */ function update_332012() { - $sql = "CREATE TABLE `live_stream` (" . - "`id` INT( 11 ) UNSIGNED NOT NULL AUTO_INCREMENT PRIMARY KEY ," . - "`name` VARCHAR( 128 ) NOT NULL ," . - "`site_url` VARCHAR( 255 ) NOT NULL ," . - "`url` VARCHAR( 255 ) NOT NULL ," . - "`genre` INT( 11 ) UNSIGNED NOT NULL ," . - "`catalog` INT( 11 ) UNSIGNED NOT NULL ," . - "`frequency` VARCHAR( 32 ) NOT NULL ," . - "`call_sign` VARCHAR( 32 ) NOT NULL" . - ") ENGINE = MYISAM"; - /* Clean Up Indexes */ // Access List @@ -1785,6 +1775,25 @@ class Update { $this->set_version('db_version','332012'); } // update_332012 + + /** + * update_332013 + * OMG BeatingsForVollmer++ + */ + function update_332013() { + + $sql = "CREATE TABLE `live_stream` (" . + "`id` INT( 11 ) UNSIGNED NOT NULL AUTO_INCREMENT PRIMARY KEY ," . + "`name` VARCHAR( 128 ) NOT NULL ," . + "`site_url` VARCHAR( 255 ) NOT NULL ," . + "`url` VARCHAR( 255 ) NOT NULL ," . + "`genre` INT( 11 ) UNSIGNED NOT NULL ," . + "`catalog` INT( 11 ) UNSIGNED NOT NULL ," . + "`frequency` VARCHAR( 32 ) NOT NULL ," . + "`call_sign` VARCHAR( 32 ) NOT NULL" . + ")"; + + } // update_332013 } // end update class ?> 
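Review bot: The new `$update_string` for the live_stream table is assigned and then immediately followed by `return $version;`, so it is never added to the list and version 332013 is not registered. Add `$version[] = array('version' => '332013','description' => $update_string);` before the return. The enclosing function starts above the hunk.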
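Review bot: `update_332013()` builds the CREATE TABLE statement in `$sql` and then ends, so the table is never created and `db_version` is never advanced. Following the pattern visible at the end of `update_332012()`, it needs `$db_results = mysql_query($sql, dbh());` and `$this->set_version('db_version','332013');`. The docblock should also describe what the update does instead of the in-joke.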
diff --git a/lib/init.php b/lib/init.php index f3be960e..703f6bbe 100644 --- a/lib/init.php +++ b/lib/init.php @@ -80,7 +80,7 @@ if (!$results['allow_stream_playback']) { /** This is the version.... fluf nothing more... **/ -$results['version'] = '3.3.2 Build (003)'; +$results['version'] = '3.3.2 Build (004)'; $results['raw_web_path'] = $results['web_path']; $results['web_path'] = $http_type . $_SERVER['HTTP_HOST'] . $results['web_path']; diff --git a/lib/ui.lib.php b/lib/ui.lib.php index f4783b53..88f050ec 100644 --- a/lib/ui.lib.php +++ b/lib/ui.lib.php @@ -888,31 +888,31 @@ function get_location() { case 'preferences.php': $location['title'] = 'Preferences'; break; - case 'admin/index.php': + case 'adminindex.php': $location['title'] = 'Admin'; $location['section'] = 'admin'; break; - case 'admin/catalog.php': + case 'admincatalog.php': $location['title'] = 'Catalog'; $location['section'] = 'admin'; break; - case 'admin/users.php': + case 'adminusers.php': $location['title'] = 'User Management'; $location['section'] = 'admin'; break; - case 'admin/mail.php': + case 'adminmail.php': $location['title'] = 'Mail Users'; $location['section'] = 'admin'; break; - case 'admin/access.php': + case 'adminaccess.php': $location['title'] = 'Manage Access Lists'; $location['section'] = 'admin'; break; - case 'admin/preferences.php': + case 'adminpreferences.php': $location['title'] = 'Site Preferences'; $location['section'] = 'admin'; break; - case 'admin/modules.php': + case 'adminmodules.php': $location['title'] = 'Manage Modules'; $location['section'] = 'admin'; break; 
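Review bot: The admin case labels in `get_location()` lose their `/` (`'adminindex.php'`, `'admincatalog.php'`, and so on), which only matches if the switch subject has had path separators stripped; that expression is outside the hunk, so please confirm. If the subject still carries `admin/index.php`, every admin page falls through and loses its title and `admin` section. A comment beside the first admin case such as `// path separators are stripped from the page name before this switch` would make the dependency visible.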
@@ -1263,6 +1263,32 @@ function show_catalog_select($name='catalog',$catalog_id=0,$style='') { } // show_catalog_select + +/** + * show_user_select + * This one is for users! shows a select/option statement so you can pick a user + * to blame + */ +function show_user_select($name,$selected='',$style='') { + + echo "<select name=\"$name\" style=\"$style\">\n"; + echo "\t<option value=\"\">" . _('None') . "</option>\n"; + + $sql = "SELECT username as id,fullname FROM user ORDER BY fullname"; + $db_results = mysql_query($sql, dbh()); + + while ($r = mysql_fetch_assoc($db_results)) { + $select_txt = ''; + if ($r['id'] == $selected) { + $select_txt = 'selected="selected"'; + } + + echo "\t<option value=\"" . $r['id'] . "\" $select_txt>" . scrub_out($r['fullname']) . "</option>\n"; + + } // end while users + +} // show_user_select + /** * show_box_top * This function requires the top part of the box diff --git a/play/index.php b/play/index.php index 91f1323f..1dbf8ef1 100644 --- a/play/index.php +++ b/play/index.php @@ -74,7 +74,8 @@ if (conf('demo_mode') || (!$GLOBALS['user']->has_access('25') && !$xml_rpc) ) { */ if (conf('access_control')) { $access = new Access(0); - if (!$access->check("25", $_SERVER['REMOTE_ADDR'])) { + if (!$access->check('stream',$_SERVER['REMOTE_ADDR'],$GLOBALS['user']->username,'25') AND + !$access->check('network',$_SERVER['REMOTE_ADDR'],$GLOBALS['user']->username,'25')) { debug_event('access_denied', "Streaming Access Denied: " . $_SERVER['REMOTE_ADDR'] . " does not have stream level access",'3'); access_denied(); } 
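Review bot: In `show_user_select()`, `$r['id']` (the username) is written into the `value` attribute raw while `fullname` on the same line goes through `scrub_out()`, so a username containing a quote or angle bracket would break out of the attribute on the ACL admin pages. Use `scrub_out($r['id'])` there and escape `$name` and `$style` in the `<select>` tag the same way. `$db_results` is also handed to `mysql_fetch_assoc()` without checking that the query succeeded.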
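Review bot: In play/index.php the new condition denies only when both the `stream` and the `network` lookups fail, so any `network` row (labelled "Local Network Definition" in the add form) also grants streaming at level 25. If network rows are meant only to mark local ranges for the downsampling decision, drop the second call from this test. `$GLOBALS['user']->username` is also passed on the `$xml_rpc` path, where the context line suggests the user may not be logged in; confirm it is set there, because an empty value restricts the match to rows with no user.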
@@ -189,8 +190,15 @@ header("Accept-Ranges: bytes" ); // Prevent the script from timing out set_time_limit(0); + +/* If access control is on and they aren't local, downsample! */ +if (conf('access_control')) { + if (!$access->check('network',$_SERVER['REMOTE_ADDR'],$GLOBALS['user']->username,'25')) { + $not_local = true; + } +} // if access_control -if ($GLOBALS['user']->prefs['play_type'] == 'downsample' || !$song->native_stream()) { +if ($GLOBALS['user']->prefs['play_type'] == 'downsample' || !$song->native_stream() || $not_local) { $results = start_downsample($song,$lastid,$song_name); $fp = $results['handle']; $song->size = $results['size']; diff --git a/templates/default.css b/templates/default.css index 5939425a..d6bd5b98 100644 --- a/templates/default.css +++ b/templates/default.css @@ -506,6 +506,7 @@ li.current-rating{ } .box-title { border-bottom: solid 1px; #000000; + font-size: 1.05em; font-weight: bold; } .box-left-top { diff --git a/templates/show_access_list.inc b/templates/show_access_list.inc index 13a24fbd..20dddab0 100644 --- a/templates/show_access_list.inc +++ b/templates/show_access_list.inc @@ -44,7 +44,7 @@ stream from this server.</p> <a href="<?php echo $web_path; ?>/admin/access.php?action=show_add_host"><?php echo _('Add Entry'); ?></a> </span> </p> - +<?php if (count($list)) { ?> <table cellspacing="1" cellpadding="3" class="border"> <tr class="table-header" align="center"> <td><?php echo _('Name'); ?></td> @@ -57,7 +57,6 @@ stream from this server.</p> <td><?php echo _('Action'); ?></td> </tr> <?php -if (count($list)) { /* Start foreach List Item */ foreach ($list as $access) { ?> @@ -77,7 +76,7 @@ if (count($list)) { </tr> <?php $row_classes = array_reverse($row_classes); ?> <?php } // end foreach ?> -<?php } // end if count ?> </table> +<?php } // end if count ?> <?php show_box_bottom(); ?> diff --git a/templates/show_add_access.inc b/templates/show_add_access.inc index 9c878365..237f0c6f 100644 --- a/templates/show_add_access.inc 
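Review bot: `$not_local` is assigned only when the `network` lookup fails, so with access control off, or for a client inside a defined network, the later `|| $not_local` reads an undefined variable; set `$not_local = false;` before the `if (conf('access_control'))` block. An installation that has access control enabled but no `network` rows will now downsample every stream, because the lookup fails for everyone. That behaviour change deserves a guard or at least a line in the CHANGELOG entry.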
+++ b/templates/show_add_access.inc @@ -19,10 +19,6 @@ Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ - -/*! - @header Add Access List Entry -*/ ?> <?php show_box_top(_('Add Access for a Host')); ?> <p><?php echo _('Use the form below to add a host that you want to have access to your Ampache catalog.'); ?></p> 
@@ -31,39 +27,65 @@ <form name="update_catalog" method="post" enctype="multipart/form-data" action="<?php echo conf('web_path'); ?>/admin/access.php"> <table cellpadding="5" cellspacing="0" border="0"> <tr> - <td><?php echo _('Name'); ?>: </td> + <td><?php echo _('Name'); ?>:</td> <td> - <input type="text" name="name" value="<?php echo $_REQUEST['name']; ?>" size="30" /> + <input type="text" name="name" value="<?php echo scrub_out($_REQUEST['name']); ?>" size="20" /> </td> </tr> <tr> <td><?php echo _('Start IP Address'); ?>:</td> <td> - <input type="text" name="start" value="<?php echo $_REQUEST['start']; ?>" size="20" maxlength="15" /> + <input type="text" name="start" value="<?php echo scrub_out($_REQUEST['start']); ?>" size="20" maxlength="15" /> </td> </tr> <tr> <td><?php echo _('End IP Address'); ?>:</td> <td> - <input type="text" name="end" value="<?php echo $_REQUEST['end']; ?>" size="20" maxlength="15" /> + <input type="text" name="end" value="<?php echo scrub_out($_REQUEST['end']); ?>" size="20" maxlength="15" /> + </td> +</tr> +<tr> + <td><?php echo _('User'); ?>:</td> + <td> + <?php show_user_select('user'); ?> </td> </tr> <tr> <td><?php echo _('Level'); ?>:</td> <td> <select name="level"> - <option selected="selected" value="5" ><?php echo _('Demo'); ?></option> - <option value="25"><?php echo _('Stream'); ?></option> - <option value="50"><?php echo _('Stream/Download'); ?></option> - <option value="75"><?php echo _('XML-RPC'); ?></option> + <option selected="selected" value="5" ><?php echo _('View'); ?></option> + <option value="25"><?php echo _('Read'); ?></option> + <option value="50"><?php echo _('Read/Write'); ?></option> + <option value="75"><?php echo _('All'); ?></option> + </select> + </td> +</tr> +<tr> + <td><?php echo _('ACL Type'); ?>:</td> + <td> + <select name="type"> + <option selected="selected" value="stream"><?php echo _('Stream Access'); ?></option> + <option value="interface"><?php echo _('Web Interface'); ?></option> + <option 
value="network"><?php echo _('Local Network Definition'); ?></option> + <option vlaue="xml-rpc"><?php echo _('XML-RPC'); ?></option> </select> </td> </tr> <tr> - <td> </td> + <td colspan="2"><br /><?php echo _('XML-RPC Options'); ?>:</td> +</tr> +<tr> + <td><?php echo _('Remote Key'); ?>:</td> <td> + <input type="text" name="key" value="<?php echo scrub_out($_REQUEST['end']); ?>" size="32" maxlength="32" /> + </td> +</tr> +<tr> + <td colspan="2"> + <br /> <input type="hidden" name="action" value="add_host" /> - <input type="submit" value="<?php echo _('Add Host'); ?>" /> + <input type="submit" value="<?php echo _('Create ACL'); ?>" /> </td> </tr> </table> diff --git a/templates/show_edit_access.inc b/templates/show_edit_access.inc index 95adad9e..21794aaf 100644 --- a/templates/show_edit_access.inc +++ b/templates/show_edit_access.inc @@ -20,16 +20,18 @@ */ ?> - -<p class="header1"><?php echo _('Edit Access List'); ?></p> - +<?php show_box_top(_('Edit Access List')); ?> <form name="edit_access" method="post" enctype="multipart/form-data" action="<?php echo conf('web_path'); ?>/admin/access.php"> -<table class="text-box"> +<table> <tr> <td><?php echo _('Name'); ?>: </td> <td><?php echo scrub_out($access->name); ?></td> </tr> <tr> + <td><?php echo _('ACL Type'); ?>: </td> + <td><?php echo scrub_out($access->get_type_name()); ?></td> +</tr> +<tr> <td><?php echo _('Start IP Address'); ?>:</td> <td> <input type="text" name="start" value="<?php echo int2ip($access->start); ?>" size="20" maxlength="15" /> 
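Review bot: In templates/show_add_access.inc the XML-RPC option is spelled `vlaue="xml-rpc"`, so it has no `value` attribute and the browser submits the translated label text instead of `xml-rpc`; correct the attribute name. The new Remote Key input is pre-filled from `$_REQUEST['end']` rather than `$_REQUEST['key']`, which puts the end IP address into the key field when the form is redisplayed. Either could lead to an XML-RPC entry being stored with an unintended type or key, depending on how admin/access.php handles the post, which is not shown here.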
@@ -42,14 +44,29 @@ </td> </tr> <tr> + <td><?php echo _('User'); ?>:</td> + <td> + <?php show_user_select('user',$access->user); ?> + </td> +</tr> +<?php if ($access->type == 'xml-rpc') { ?> +<tr> + <td><?php echo _('Remote Key'); ?></td> + <td> + <input type="text" name="key" value="<?php echo scrub_out($access->key); ?>" size="32" maxlength="32" /> + </td> +</tr> +<?php } ?> +</tr> +<tr> <td><?php echo _('Level'); ?>:</td> <td> <select name="level"> <?php $name = 'level_' . $access->level; ${$name} = 'selected="selected"'; ?> - <option value="5" <?php echo $level_5; ?>><?php echo _('Demo'); ?></option> - <option value="25" <?php echo $level_25; ?>><?php echo _('Stream'); ?></option> - <option value="50" <?php echo $level_50; ?>><?php echo _('Stream/Download'); ?></option> - <option value="75" <?php echo $level_75; ?>><?php echo _('XML-RPC'); ?></option> + <option value="5" <?php echo $level_5; ?>><?php echo _('View'); ?></option> + <option value="25" <?php echo $level_25; ?>><?php echo _('Read'); ?></option> + <option value="50" <?php echo $level_50; ?>><?php echo _('Read/Write'); ?></option> + <option value="75" <?php echo $level_75; ?>><?php echo _('All'); ?></option> </select> </td> </tr> @@ -63,3 +80,4 @@ </tr> </table> </form> +<?php show_box_bottom(); ?> |
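Review bot: The line after `<?php } ?>` adds a second `</tr>` with no matching open row, so the table markup is unbalanced whether or not the Remote Key row is rendered; remove that `</tr>`. The Remote Key label is also missing the trailing colon used by the other labels in this form.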