From cff8e731529103c63da1c2ef8e3dd0b91686b1c2 Mon Sep 17 00:00:00 2001
From: Karl 'vollmerk' Vollmer <vollmer@ampache.org>
Date: Tue, 26 Sep 2006 07:52:05 +0000
Subject: fixed acls and improved the classic theme a little more

---
 admin/duplicates.php                  |   1 -
 config/ampache.cfg.php.dist           |  15 +++++++++-----
 lib/class/access.class.php            |  13 +++++++-----
 login.php                             |   2 +-
 play/index.php                        |   4 ++--
 templates/default.css                 |   8 ++++++--
 templates/show_album_art.inc.php      |   5 +++--
 templates/show_genre.inc.php          |  15 +++++---------
 templates/show_get_albumart.inc.php   |  20 +++++++++----------
 templates/show_rename_artist.inc.php  |  36 ++++++++++------------------------
 templates/show_similar_artists.inc    |  12 ++++++------
 templates/sidebar.inc.php             |  15 +++-----------
 themes/classic/images/sidebar_top.jpg | Bin 0 -> 1564 bytes
 13 files changed, 63 insertions(+), 83 deletions(-)
 create mode 100644 themes/classic/images/sidebar_top.jpg

diff --git a/admin/duplicates.php b/admin/duplicates.php
index d0167bbb..3dede7e4 100644
--- a/admin/duplicates.php
+++ b/admin/duplicates.php
@@ -26,7 +26,6 @@
 require_once ('../lib/init.php');
 require_once( conf('prefix').'/lib/duplicates.php');
 
-
 if (!$user->has_access(100)) {
 	header ("Location: " . conf('web_path') . "/index.php?access=denied");
 	exit();
diff --git a/config/ampache.cfg.php.dist b/config/ampache.cfg.php.dist
index 839631b8..6678c965 100644
--- a/config/ampache.cfg.php.dist
+++ b/config/ampache.cfg.php.dist
@@ -85,6 +85,13 @@ site_title	= "Ampache :: For The Love Of Music"
 # DEFAULT: true
 require_session = "true"
 
+# Downsample Remote
+# If this is set to true and access control is on any users who are not
+# comming from a defined localnet will be automatically downsampled
+# regardless of their preferences
+# DEFAULT: false
+#downsample_remote = "false"
+
 # Track User IPs
 # If this is enabled Ampache will log the IP of every completed login
 # it will store user,ip,time at one row per login. The results are 
@@ -144,12 +151,10 @@ tag_order	= "file"
 use_auth	= "yes"
 
 # 5 Star Ratings
-# These are disabled by default, to turn them on remove the
-# comment before the value flash requires flash player and
-# will cause longer load times. 
-# POSSIBLE VALUES: false normal
+# This allows rattings for almost any object in ampache
+# POSSIBLE VALUES: false true
 # DEFAULT: false
-#ratings = "normal"
+#ratings = "false"
 
 # This options will turn on/off Demo Mode
 # If Demo mode is on you can not play songs or update your catalog
diff --git a/lib/class/access.class.php b/lib/class/access.class.php
index 45074a4c..58ce1081 100644
--- a/lib/class/access.class.php
+++ b/lib/class/access.class.php
@@ -91,7 +91,9 @@ class Access {
 		$level	= sql_escape($data['level']);
 		$user	= sql_escape($data['user']);
 		$key	= sql_escape($data['key']);
-			
+		
+		if (!$user) { $user = '-1'; } 
+		
 		$sql = "UPDATE access_list " . 
 			"SET start='$start', end='$end', level='$level', user='$user' " . 
 			"WHERE id='" . sql_escape($this->id) . "'";
@@ -109,8 +111,6 @@ class Access {
 	function create($name,$start,$end,$level,$user,$key,$type) { 
 
 		/* We need to verify the incomming data a littlebit */
-		$start = intval($start);
-		$end   = intval($end);
 
 		$start 	= ip2int($start);
 		$end 	= ip2int($end);
@@ -120,6 +120,8 @@ class Access {
 		$level	= intval($level);
 		$type	= $this->validate_type($type);
 
+		if (!$user) { $user = '-1'; } 
+
 		$sql = "INSERT INTO access_list (`name`,`level`,`start`,`end`,`key`,`user`,`type`) " . 
 			"VALUES ('$name','$level','$start','$end','$key','$user','$type')";
 		$db_results = mysql_query($sql, dbh());
@@ -174,10 +176,11 @@ class Access {
 				$sql = "SELECT id FROM access_list" . 
 					" WHERE `start` <= '$ip' AND `end` >= '$ip'" .
 					" AND `level` >= '$level' AND `type` = '$type'";
-				if (strlen($user)) { $sql .= " AND (`user` = '$user' OR `user` < '1')"; }
-				else { $sql .= " AND `user` < '1'"; }
+				if (strlen($user)) { $sql .= " AND (`user` = '$user' OR `user` = '-1')"; }
+				else { $sql .= " AND `user` = '0'"; }
 			break;
 		} // end switch on type
+
 		$db_results = mysql_query($sql, dbh());
 
 		// Yah they have access they can use the mojo
diff --git a/login.php b/login.php
index f9e1d343..e9d6816b 100644
--- a/login.php
+++ b/login.php
@@ -43,7 +43,7 @@ init_preferences();
 if (conf('access_control')) { 
         $access = new Access(0);
         if (!$access->check('interface',$_SERVER['REMOTE_ADDR'],'','5')) {
-                debug_event('access_denied','Access Denied:' . $_SERVER['REMOTE_ADDR'] . ' is not in the Access list','3');
+                debug_event('access_denied','Access Denied:' . $_SERVER['REMOTE_ADDR'] . ' is not in the Interface Access list','3');
                 access_denied();
         }
 } // access_control is enabled
diff --git a/play/index.php b/play/index.php
index 1dbf8ef1..f1badb27 100644
--- a/play/index.php
+++ b/play/index.php
@@ -192,11 +192,11 @@ header("Accept-Ranges: bytes" );
 set_time_limit(0);			
 
 /* If access control is on and they aren't local, downsample! */
-if (conf('access_control')) { 
+//if (conf('access_control') AND conf('downsample_remote')) { 
 	if (!$access->check('network',$_SERVER['REMOTE_ADDR'],$GLOBALS['user']->username,'25')) { 
 		$not_local = true;
 	}
-} // if access_control
+//} // if access_control
 	
 if ($GLOBALS['user']->prefs['play_type'] == 'downsample' || !$song->native_stream() || $not_local) { 
 	$results = start_downsample($song,$lastid,$song_name);
diff --git a/templates/default.css b/templates/default.css
index 1da59b93..656a3cbf 100644
--- a/templates/default.css
+++ b/templates/default.css
@@ -250,7 +250,7 @@ div#Header{
  * TO DO: Fill in 1px border around menus & submenu items
  * Make padding apply to the li, not just an a.  Moving padding: to li throws off the dropdown menu alignment.
  */
- 
+
 div#sidebar{
 	clear:both;
 	position:absolute;
@@ -287,7 +287,7 @@ div#sidebar{
     display: block;
     border-bottom: 1px solid #8B8B8B;
     border-left: 1px solid #8B8B8B;
-    border-right: 1px solid #8B8B8B;
+    border-right: 4px solid #B4B4B4;
     border-top: 1px solid #8B8B8B;
     /* float: left; /* use for horizontal menu; comment out otherwise */
     padding: 5px 0px 5px 10px;
@@ -295,6 +295,10 @@ div#sidebar{
     background-color:#FFFFFF;
 }
 
+#sidebar ul.subnavside li { 
+    border-right: 1px solid #B4B4B4;
+}
+
 #sidebar a, .navbutton {
     display: block;  /*Not sure why this is neccesary, but it is for IE*/
     text-decoration: none;
diff --git a/templates/show_album_art.inc.php b/templates/show_album_art.inc.php
index c950ebdc..a386b353 100644
--- a/templates/show_album_art.inc.php
+++ b/templates/show_album_art.inc.php
@@ -25,8 +25,8 @@ $total_images = count($images);
 $rows = floor($total_images/3);
 $i = 0;
 ?>
-
-<table class="text-box"> 
+<?php show_box_top(); ?>
+<table>
 <tr>
 <?php 
 while ($i <= $rows) { 
@@ -53,3 +53,4 @@ while ($i <= $rows) {
 } // end while
 ?>
 </table>
+<?php show_box_bottom(); ?>
diff --git a/templates/show_genre.inc.php b/templates/show_genre.inc.php
index 6f9db26f..5e9466d9 100644
--- a/templates/show_genre.inc.php
+++ b/templates/show_genre.inc.php
@@ -26,19 +26,14 @@
 */
 $web_path = conf('web_path');
 ?>
-<table class="text-box">
-<tr>
-	<td>
-		<span class="header1"><?php echo _("Viewing") . " " . $genre->name . " " . _("Genre"); ?></span><br />
+<?php show_box_top(_('Viewing') . " " . $genre->name . " " . _('Genre')); ?>
 		[<?php echo $genre->get_album_count(); ?>] 
 		<a href="<?php echo $web_path; ?>/genre.php?action=show_albums&amp;genre_id=<?php echo $genre->id; ?>">
-			<?php echo _("Albums"); ?></a><br />
+			<?php echo _('Albums'); ?></a><br />
 		[<?php echo $genre->get_artist_count(); ?>]
 		<a href="<?php echo $web_path; ?>/genre.php?action=show_artists&amp;genre_id=<?php echo $genre->id; ?>">
-			<?php echo _("Artists"); ?></a><br />
+			<?php echo _('Artists'); ?></a><br />
 		[<?php echo $genre->get_song_count(); ?>]
 		<a href="<?php echo $web_path; ?>/genre.php?action=show_songs&amp;genre_id=<?php echo $genre->id; ?>">
-			<?php echo _("Songs"); ?></a><br />
-	</td>
-</tr>
-</table>
+			<?php echo _('Songs'); ?></a><br />
+<?php show_box_bottom(); ?>
diff --git a/templates/show_get_albumart.inc.php b/templates/show_get_albumart.inc.php
index 2de886b3..b847a980 100644
--- a/templates/show_get_albumart.inc.php
+++ b/templates/show_get_albumart.inc.php
@@ -20,33 +20,30 @@
 
 */
 ?>
-
+<?php show_box_top(_('Customize Search')); ?>
 <form name="coverart" method="get" action="<?php echo conf('web_path'); ?>/albums.php" style="Displain:inline;">
-<table class="text-box">
+<table>
 <tr>
-	<td>
-		<span class="header1"><?php echo _("Customize Search"); ?></span>
-	</td>
 </tr>
 <tr>
 	<td>
-		<?php echo _("Artist"); ?>&nbsp;
+		<?php echo _('Artist'); ?>&nbsp;
 	</td>
 	<td>
-		<input type="text" size="20" id="artist_name" name="artist_name" value="<?php echo $artistname; ?>" />
+		<input type="text" size="20" id="artist_name" name="artist_name" value="<?php echo scrub_out($artistname); ?>" />
 	</td>
 </tr>
 <tr>
 	<td>
-	 	<?php echo _("Album"); ?>&nbsp;
+	 	<?php echo _('Album'); ?>&nbsp;
 	</td>
 	<td>
-		<input type="text" size="20" id="album_name" name="album_name" value="<?php echo $albumname; ?>" />
+		<input type="text" size="20" id="album_name" name="album_name" value="<?php echo scrub_out($albumname); ?>" />
 	</td>
 </tr>
 <tr>
 	<td>
-		<?php echo _("Direct URL to Image"); ?>
+		<?php echo _('Direct URL to Image'); ?>
 	</td>
 	<td>
 		<input type="text" size="40" id="cover" name="cover" value="" />
@@ -56,8 +53,9 @@
 	<td>
 		<input type="hidden" name="action" value="find_art" />
 		<input type="hidden" name="album_id" value="<?php echo $album->id; ?>" />
-		<input type="submit" value="<?php echo _("Get Art"); ?>" />
+		<input type="submit" value="<?php echo _('Get Art'); ?>" />
 	</td>
 </tr>
 </table>
 </form>
+<?php show_box_bottom(); ?>
diff --git a/templates/show_rename_artist.inc.php b/templates/show_rename_artist.inc.php
index 72f707ff..1d9c1130 100644
--- a/templates/show_rename_artist.inc.php
+++ b/templates/show_rename_artist.inc.php
@@ -26,31 +26,15 @@ function insert()
 	document.getElementById('artist_name').value = '<?php echo $artist->name; ?>';
 }
 </script>
-
+<?php show_box_top(_('Rename') . " " . $artist->name); ?>
 <form name="rename_artist" method="post" action="<?php echo conf('web_path'); ?>/artists.php?action=rename&amp;artist=<?php echo $artist->id; ?>" style="Display:inline;">
-<table class="text-box" cellspacing="0">
-<tr>
-	<th align="left">
-	<span class="header2"><?php echo _("Rename") . " " . $artist->name . " " . _("to"); ?></span>
-	</th>
-</tr>
-<tr>
-	<td>
-        	<?php show_artist_pulldown($artist->id, "artist_id", 4); ?>
-		<br />
-		<?php echo _("OR"); ?><br />
-		<input type="text" name="artist_name" size="30" value="<?php echo scrub_out($_REQUEST['artist_name']); ?>" id="artist_name" />
-		<a href="javascript:insert()">[<?php echo _("Insert current"); ?>]</a>
-		<?php $GLOBALS['error']->print_error('artist_name'); ?>
-	</td>
-</tr>
-<tr>
-	<td><input type="checkbox" name="update_id3" value="yes" />&nbsp; <?php echo _("Update id3 tags"); ?></td>
-</tr>
-<tr>
-	<td>
-		<input type="submit" value="<?php echo _("Rename"); ?>" />
-	</td>
-</tr>
-</table>
+        <?php show_artist_pulldown($artist->id, "artist_id", 4); ?>
+	<br />
+	<?php echo _('OR'); ?><br />
+	<input type="text" name="artist_name" size="30" value="<?php echo scrub_out($_REQUEST['artist_name']); ?>" id="artist_name" />
+	<a href="javascript:insert()">[<?php echo _('Insert current'); ?>]</a><br />
+	<?php $GLOBALS['error']->print_error('artist_name'); ?>
+	<input type="checkbox" name="update_id3" value="yes" />&nbsp; <?php echo _('Update id3 tags') ?><br />
+	<input type="submit" value="<?php echo _('Rename'); ?>" /><br />
 </form>
+<?php show_box_bottom(); ?>
diff --git a/templates/show_similar_artists.inc b/templates/show_similar_artists.inc
index 25a9f6d2..edc5c0e2 100644
--- a/templates/show_similar_artists.inc
+++ b/templates/show_similar_artists.inc
@@ -21,9 +21,9 @@
 */
 $web_path = conf('web_path');
 ?>
+<?php show_box_top(_('Similar Artists')); ?>
 <form name="artists" method="post" enctype="multipart/form-data" action="<?php echo $web_path; ?>/artists.php?action=rename_similar&artist=<?php echo $artist_id;?>" style="Display:inline;">
-	<h1>Similar Artists</h1>
-	<h3>Please check the artists you want to merge with the current one (<span style='text-decoration: underline;'><?php echo $artist_name;?></span>)</h3>
+	<h3><?php _('Please check the artists you want to merge with the current one'); ?> (<span style='text-decoration: underline;'><?php echo $artist_name;?></span>)</h3>
 	<table class="border" cellspacing="0" cellpadding="0" border="0">
 	<tr class="table-header">
 		<th>&nbsp;&nbsp;Select</th>
@@ -80,12 +80,11 @@ if ($show) {
 ?>
 </table>
 </form>
+<?php show_box_bottom(); ?>
+<?php show_box_top(_('Advanced Options')); ?>
 <form name='advanced' action='<?php echo $web_path; ?>/artists.php?action=show_similar&artist=<?php echo $artist_id; ?>' method='POST'>
 <table class="border" cellspacing="0" cellpadding="0" border="0" style='margin-left: 10px; margin-top: 20px;'>
 <!--Advanced-->
-	<tr class="table-header">
-		<th colspan='2'>Advanced options</th>
-	</tr>
 	<tr class="<?php echo flip_class(); ?>">
 		<th colspan='2' style='text-align: left;'>Normalize options</th>
 	</tr>
@@ -149,6 +148,7 @@ if ($show) {
 	
 </table>
 </form>
+<?php show_box_bottom(); ?>
 <script language='javascript'>
 	function default_filter() {
 		document.getElementById('n_filter').value = "/[^a-z ]/";
@@ -156,4 +156,4 @@ if ($show) {
 	function default_ignore() {
 		document.getElementById('n_ignore').value = "/\s(the|an?)\s/";
 	}	
-</script>
\ No newline at end of file
+</script>
diff --git a/templates/sidebar.inc.php b/templates/sidebar.inc.php
index e11e1b63..d47e2711 100644
--- a/templates/sidebar.inc.php
+++ b/templates/sidebar.inc.php
@@ -42,23 +42,14 @@ $browse_items[] = array('title'=>_("Lists"),'url'=>'browse.php','active'=>$locat
 
 $web_path = conf('web_path');
 
-/* Setup the Location page mojo for setting
- * the active LI here 
- */
-switch ($location['page']) { 
-
-
-
-
-} // end switch on location page thingy
-
 ?>
 <ul id="navlist">
+	<h3></h3>
 	<li<?php
                 if ($location['page'] == "index.php"){
                     echo " id=\"activetopmenu\" ";
                     }?>>
-		<a href="<?php echo $web_path; ?>/index.php"><?php echo _("Home"); ?></a>
+		<a href="<?php echo $web_path; ?>/index.php"><?php echo _('Home'); ?></a>
 	</li>
 <?php if ($GLOBALS['user']->has_access(100)) { ?>
 	<li<?php
@@ -71,7 +62,7 @@ switch ($location['page']) {
                     $location['page'] == 'admin/access.php' ){
                     echo " id=\"activetopmenu\" ";
                     }?>>
-		<a href="<?php echo $web_path; ?>/admin/index.php"><?php echo _("Admin"); ?></a>
+		<a href="<?php echo $web_path; ?>/admin/index.php"><?php echo _('Admin'); ?></a>
 	<?php
 		if ($GLOBALS['theme']['submenu'] != 'simple') {
 			show_submenu($admin_items); 
diff --git a/themes/classic/images/sidebar_top.jpg b/themes/classic/images/sidebar_top.jpg
new file mode 100644
index 00000000..51ff93ab
Binary files /dev/null and b/themes/classic/images/sidebar_top.jpg differ
-- 
cgit