diff -urN ampache-3.3.2-alpha4/activate.php ampache-3.3.2-beta1/activate.php --- ampache-3.3.2-alpha4/activate.php 1969-12-31 16:00:00.000000000 -0800 +++ ampache-3.3.2-beta1/activate.php 2006-01-08 23:06:20.000000000 -0800 @@ -0,0 +1,55 @@ + + + + +get_user_validation($username,$validation); + +if (!$val1) { + $GLOBALS['error']->add_error('no_such_user',_("No user with this name registered")); + $GLOBALS['error']->print_error('no_such_user'); + } +elseif ($val1 != $validation) { + $GLOBALS['error']->add_error('validation_failed',_("The validation key used isn't correct.")); + $GLOBALS['error']->print_error('validation_failed'); + } +else { + $activate = $GLOBALS['user']->activate_user($username); + show_confirmation(_('User activated'),_('This User ID is activated and can be used'),'/login.php'); +} +?> + + diff -urN ampache-3.3.2-alpha4/admin/access.php ampache-3.3.2-beta1/admin/access.php --- ampache-3.3.2-alpha4/admin/access.php 2005-12-27 01:33:02.000000000 -0800 +++ ampache-3.3.2-beta1/admin/access.php 2006-01-08 23:06:19.000000000 -0800 @@ -36,40 +36,34 @@ show_template('header'); -if ( $action == 'show_confirm_delete' ) { - show_confirm_action(_("Do you really want to delete this Access Record?"), "admin/access.php", "access_id=" . $_REQUEST['access_id'] . "&action=delete_host"); -} -/*! - @action delete_host - @discussion deletes an access list entry -*/ -elseif ( $action == 'delete_host' ) { - $access->delete($_REQUEST['access_id']); - show_confirmation(_("Entry Deleted"),_("Your Access List Entry has been removed"),"admin/access.php"); - -} // delete_host -/*! - @action add_host - @discussion add a new access list entry -*/ -elseif ($action == 'add_host') { - - $access->create($_REQUEST['name'], $_REQUEST['start'],$_REQUEST['end'],$_REQUEST['level']); - show_confirmation(_("Entry Added"),_("Your new Access List Entry has been created"),"admin/access.php"); - -} // add_host -/*! - @action show_add_host - @discussion show the add host box -*/ -elseif ( $action == 'show_add_host' ) { - include(conf('prefix') . "/templates/show_add_access.inc"); -} -else { - $list = array(); - $list = $access->get_access_list(); - include(conf('prefix') ."/templates/show_access_list.inc"); -} +switch ($action ) { + case 'show_confirm_delete': + show_confim_action(_('Do you really want to delete this Access Reocrd?'),'admin/access.php','access_id=' . scrub_out($_REQUEST['access_id']) . '&action=delete_host'); + break; + case 'delete_host': + $access->delete($_REQUEST['access_id']); + show_confirmation(_('Entry Deleted'),_('Your Access List Entry has been removed'),'admin/access.php'); + break; + case 'add_host': + $access->create($_REQUEST['name'],$_REQUEST['start'],$_REQUEST['end'],$_REQUEST['level']); + show_confirmation(_('Entry Added'),_('Your new Access List Entry has been created'),'admin/access.php'); + break; + case 'update_host': + $access->update($_REQUEST); + show_confirmation(_('Entry Updated'),_('Access List Entry updated'),'admin/access.php'); + break; + case 'show_add_host': + include(conf('prefix') . '/templates/show_add_access.inc'); + break; + case 'show_edit_host': + include(conf('prefix') . '/templates/show_edit_access.inc'); + break; + default: + $list = array(); + $list = $access->get_access_list(); + include(conf('prefix') ."/templates/show_access_list.inc"); + break; +} // end switch on action show_footer(); ?> diff -urN ampache-3.3.2-alpha4/admin/duplicates.php ampache-3.3.2-beta1/admin/duplicates.php --- ampache-3.3.2-alpha4/admin/duplicates.php 2005-12-27 01:33:02.000000000 -0800 +++ ampache-3.3.2-beta1/admin/duplicates.php 2006-01-08 23:06:19.000000000 -0800 @@ -38,10 +38,6 @@ show_template('header'); -show_menu_items('Admin'); -show_admin_menu('Catalog'); - - switch ($action) { case 'search': @@ -52,7 +48,4 @@ show_duplicate_searchbox($search_type); } show_footer(); -show_clear(); -show_page_footer ('Admin', 'Catalog',$user->prefs['display_menu']); - ?> diff -urN ampache-3.3.2-alpha4/admin/flags.php ampache-3.3.2-beta1/admin/flags.php --- ampache-3.3.2-alpha4/admin/flags.php 2005-12-27 01:33:02.000000000 -0800 +++ ampache-3.3.2-beta1/admin/flags.php 2006-01-08 23:06:19.000000000 -0800 @@ -37,9 +37,6 @@ $action = scrub_in($_REQUEST['action']); show_template('header'); -show_menu_items('Admin'); -show_admin_menu('Catalog'); - switch ($action) { case 'show': @@ -85,6 +82,4 @@ } show_footer(); -show_page_footer ('Admin', 'Catalog',$user->prefs['display_menu']); - ?> diff -urN ampache-3.3.2-alpha4/admin/song.php ampache-3.3.2-beta1/admin/song.php --- ampache-3.3.2-alpha4/admin/song.php 2005-12-27 01:33:02.000000000 -0800 +++ ampache-3.3.2-beta1/admin/song.php 2006-01-08 23:06:19.000000000 -0800 @@ -39,12 +39,9 @@ $action = scrub_in($_REQUEST['action']); $song = scrub_in($_REQUEST['song']); - +$return_referer = return_referer(); show_template('header'); -show_menu_items('Admin'); -show_admin_menu('Catalog'); - $song_obj = new Song($_REQUEST['song_id']); switch($action) { @@ -65,7 +62,7 @@ $song_obj->update_enabled(0,$song_id); } // end foreach } // end else - show_confirmation(_("Songs Disabled"),_("The requested song(s) have been disabled"),return_referer()); + show_confirmation(_("Songs Disabled"),_("The requested song(s) have been disabled"),htmlspecialchars($return_referer)); break; case "enabled": // If we pass just one, make it still work @@ -75,7 +72,7 @@ $song_obj->update_enabled(1,$song_id); } // end foreach } // end else - show_confirmation(_("Songs Enabled"),_("The requested song(s) have been enabled"),return_referer()); + show_confirmation(_("Songs Enabled"),_("The requested song(s) have been enabled"),htmlspecialchars($return_referer)); break; default: echo "Don't know what to do yet."; @@ -180,9 +177,6 @@ EDIT_SONG_6; } +show_footer(); ?> -
- - - diff -urN ampache-3.3.2-alpha4/admin/users.php ampache-3.3.2-beta1/admin/users.php --- ampache-3.3.2-alpha4/admin/users.php 2005-12-27 01:33:02.000000000 -0800 +++ ampache-3.3.2-beta1/admin/users.php 2006-01-08 23:06:19.000000000 -0800 @@ -135,7 +135,7 @@ /* If we end up with an error */ if ($GLOBALS['error']->error_state) { - show_user_form('','$username','$fullname','$email','$access','new_user',''); + show_user_form('','$username','$fullname','$email','new_user',''); break; } show_confirmation("New User Added",$username . " has been created with an access level of " . $access,"admin/users.php"); diff -urN ampache-3.3.2-alpha4/albumart.php ampache-3.3.2-beta1/albumart.php --- ampache-3.3.2-alpha4/albumart.php 2005-12-27 01:33:03.000000000 -0800 +++ ampache-3.3.2-beta1/albumart.php 2006-01-08 23:06:20.000000000 -0800 @@ -1,7 +1,7 @@ get_art($_REQUEST['fast']); - -if (isset($r->art)) { - $art = $r->art; - $mime = $r->art_mime; - $found = 1; -} - /* Decide what size this image is */ switch ($_REQUEST['thumb']) { case '1': @@ -57,23 +45,37 @@ break; } -if (!$found) { - // Print a transparent gif instead - header('Content-type: image/gif'); - readfile(conf('prefix') . conf('theme_path') . "/images/blankalbum.gif"); -} -else { - // Print the album art - $extension = substr($mime,strlen($mime)-3,3); - header("Content-type: $mime"); - header("Content-Disposition: filename=" . $album->name . "." . $extension); - - if (!$_REQUEST['thumb']) { - echo $art; - } - elseif (!img_resize($art,$size,$extension)) { - echo $art; - } -} +switch ($_REQUEST['type']) { + case 'popup': + show_template('show_big_art'); + break; + default: + $album = new Album($_REQUEST['id']); + + // Check db first + $r = $album->get_art($_REQUEST['fast']); + + if (isset($r->art)) { + $art = $r->art; + $mime = $r->art_mime; + } + else { + header('Content-type: image/gif'); + readfile(conf('prefix') . conf('theme_path') . "/images/blankalbum.gif"); + break; + } // else no image + + // Print the album art + $extension = substr($mime,strlen($mime)-3,3); + header("Content-type: $mime"); + header("Content-Disposition: filename=" . $album->name . "." . $extension); + if (!$_REQUEST['thumb']) { + echo $art; + } + elseif (!img_resize($art,$size,$extension)) { + echo $art; + } + break; +} // end switch type ?> diff -urN ampache-3.3.2-alpha4/albums.php ampache-3.3.2-beta1/albums.php --- ampache-3.3.2-alpha4/albums.php 2005-12-27 01:33:03.000000000 -0800 +++ ampache-3.3.2-beta1/albums.php 2006-01-08 23:06:20.000000000 -0800 @@ -1,6 +1,9 @@ format_album(); - $artist_obj = new Artist($artist_obj); - require (conf('prefix') . "/templates/show_album.inc"); - if (isset($artist) && $artist_obj->name == "Unknown (Orphaned)" ) { - $song_ids = get_song_ids_from_artist_and_album($artist, $album->id); - } - else { - $song_ids = get_song_ids_from_album($album->id); - } + /* Get the song ids for this album */ + $song_ids = $album->get_song_ids($_REQUEST['artist']); + show_songs($song_ids,0,$album); + } // isset(album) // Finds the Album art from amazon @@ -81,7 +80,7 @@ if (isset($_REQUEST['artist_name'])) { $artist = scrub_in($_REQUEST['artist_name']); } - else { + elseif ($album->artist_count == '1') { $artist = $album->artist; } @@ -106,7 +105,7 @@ } $albumname = $album->name; - $artistname = $album->artist; + $artistname = $artist; // Remember the last typed entry, if there was one if (isset($_REQUEST['album_name'])) { $albumname = scrub_in($_REQUEST['album_name']); } diff -urN ampache-3.3.2-alpha4/amp-mpd.php ampache-3.3.2-beta1/amp-mpd.php --- ampache-3.3.2-alpha4/amp-mpd.php 2005-12-27 01:33:03.000000000 -0800 +++ ampache-3.3.2-beta1/amp-mpd.php 2006-01-08 23:06:20.000000000 -0800 @@ -169,7 +169,7 @@ $playlist = new Playlist($pl_id); if( $pl_id == 0 ) { // new playlist $playlist_name = _("New Playlist") . " - " . date("m/j/y, g:i a"); - $playlist->create_playlist($playlist_name, $user->username, 'private'); + $playlist->create($playlist_name, $user->username, 'private'); $pl_id = $playlist->id; } diff -urN ampache-3.3.2-alpha4/artists.php ampache-3.3.2-beta1/artists.php --- ampache-3.3.2-alpha4/artists.php 2005-12-27 01:33:03.000000000 -0800 +++ ampache-3.3.2-beta1/artists.php 2006-01-08 23:06:20.000000000 -0800 @@ -1,6 +1,9 @@ show_albums(); break; case 'show_all_songs': - $artist = get_artist_name(scrub_in($_REQUEST['artist'])); - echo "

" . _("All songs by") . " $artist

"; - $song_ids = get_song_ids_from_artist($_REQUEST['artist']); + $artist = new Artist($_REQUEST['artist']); + $artist->format_artist(); + $song_ids = $artist->get_song_ids(); + require(conf('prefix') . '/templates/show_artist_box.inc.php'); show_songs($song_ids); break; diff -urN ampache-3.3.2-alpha4/bin/catalog_update.php.inc ampache-3.3.2-beta1/bin/catalog_update.php.inc --- ampache-3.3.2-alpha4/bin/catalog_update.php.inc 2005-12-27 01:33:02.000000000 -0800 +++ ampache-3.3.2-beta1/bin/catalog_update.php.inc 2006-01-08 23:06:19.000000000 -0800 @@ -12,10 +12,19 @@ // Clean out dead files $catalog->clean_catalog(); + $catalog->count = 0; + // Verify Existing $catalog->verify_catalog(); + $catalog->count = 0; + + echo "\n\n"; + // Look for new files $catalog->add_to_catalog(); + echo "\n\n"; } + + ?> diff -urN ampache-3.3.2-alpha4/bin/print_tags.php.inc ampache-3.3.2-beta1/bin/print_tags.php.inc --- ampache-3.3.2-alpha4/bin/print_tags.php.inc 2005-12-27 01:33:02.000000000 -0800 +++ ampache-3.3.2-beta1/bin/print_tags.php.inc 2006-01-08 23:06:19.000000000 -0800 @@ -19,7 +19,6 @@ Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ - $no_session = '1'; require ("../modules/init.php"); diff -urN ampache-3.3.2-alpha4/bin/sort_files.php.inc ampache-3.3.2-beta1/bin/sort_files.php.inc --- ampache-3.3.2-alpha4/bin/sort_files.php.inc 1969-12-31 16:00:00.000000000 -0800 +++ ampache-3.3.2-beta1/bin/sort_files.php.inc 2006-01-08 23:06:19.000000000 -0800 @@ -0,0 +1,319 @@ +get_catalog_files(); + + echo "Starting Catalog: " . stripslashes($catalog->name) . "\n"; + + /* Foreach through each file and find it a home! */ + foreach ($songs as $song) { + /* Find this poor song a home */ + $song->format_song(); + $directory = sort_find_home($song,$catalog->sort_pattern,$catalog->path); + $filename = sort_find_filename($song,$catalog->rename_pattern); + $fullpath = $directory . "/" . $filename; + + /* Check for Demo Mode */ + if ($test_mode) { + /* We're just talking here... no work */ + echo "Moving File:\n\tSource: $song->file\n\tDest: $fullpath\n"; + flush(); + } + /* We need to actually do the moving (fake it if we are testing) + * Don't try to move it, if it's already the same friggin thing! + */ + if ($song->file != $fullpath && strlen($fullpath)) { + sort_move_file($song,$fullpath); + } + + + + } // end foreach song + +} // end foreach catalogs + + +/************** FUNCTIONS *****************/ +/** + * sort_find_filename + * This gets the filename that this file should have, it takes the rename pattern of the catalog + * along with the song object. Nothing Special Here + */ +function sort_find_filename($song,$rename_pattern) { + + $extension = ltrim(substr($song->file,strlen($song->file)-4,4),"."); + + /* Create the filename that this file should have */ + $album = sort_clean_name($song->f_album_full); + $artist = sort_clean_name($song->f_artist_full); + $genre = sort_clean_name($song->f_genre); + $track = sort_clean_name($song->track); + $title = sort_clean_name($song->title); + $year = sort_clean_name($song->year); + + /* Start replacing stuff */ + $replace_array = array('%a','%A','%t','%T','%y','%g'); + $content_array = array($artist,$album,$title,$track,$year,$genre); + + $rename_pattern = str_replace($replace_array,$content_array,$rename_pattern); + + $rename_pattern = preg_replace("[^A-Za-z0-9\-\_\ \'\,\(\)]","_",$rename_pattern); + + return $rename_pattern . "." . $extension; + +} // sort_find_filename + +/** + * sort_find_home + * Get the directory for this file from the catalog and the song info using the sort_pattern + * takes into account various artists and the alphabet_prefix + */ +function sort_find_home($song,$sort_pattern,$base) { + + $home = rtrim($base,"\/"); + $home = rtrim($home,"\\"); + + /* Create the filename that this file should have */ + $album = sort_clean_name($song->f_album_full); + $artist = sort_clean_name($song->f_artist_full); + $genre = sort_clean_name($song->f_genre); + $track = sort_clean_name($song->track); + $title = sort_clean_name($song->title); + $year = sort_clean_name($song->year); + + /* Do the various check */ + $album_object = new Album($song->album); + if ($album_object->artist_count != '1') { + $artist = "Various"; + } + + /* IF we want a,b,c,d we need to know the first element */ + if ($GLOBALS['alphabet_prefix']) { + $sort_pattern = preg_replace("/\/?%o\//","",$sort_pattern); + $first_element = substr($sort_pattern,0,2); + $element = sort_element_name($first_element); + if (!$element) { $alphabet = 'ZZ'; } + else { $alphabet = strtoupper(substr(${$element},0,1)); } + $alphabet = preg_replace("/[^A-Za-z0-9]/","ZZ",$alphabet); + + $home .= "/$alphabet"; + } + + /* Replace everything we can find */ + $replace_array = array('%a','%A','%t','%T','%y','%g','%C'); + $content_array = array($artist,$album,$title,$track,$year,$genre,'C'); + $sort_pattern = str_replace($replace_array,$content_array,$sort_pattern); + + /* Remove non A-Z0-9 chars */ + $sort_pattern = preg_replace("[^\\\/A-Za-z0-9\-\_\ \'\,\(\)]","_",$sort_pattern); + + $home .= "/$sort_pattern"; + + return $home; + +} // sort_find_home + +/** + * sort_element_name + * gets the name of the %? in a yea.. too much beer + */ +function sort_element_name($key) { + + switch ($key) { + case '%t': + return 'title'; + break; + case '%T': + return 'track'; + break; + case '%a': + return 'artist'; + break; + case '%A': + return 'album'; + break; + case '%y': + return 'year'; + break; + case '%g': + return 'genre'; + break; + default: + break; + } // switch on key + + return false; + +} // sort_element_name + +/** + * sort_clean_name + * We have to have some special rules here + * This is run on every individual element of the search + * Before it is put togeather, this removes / and \ and also + * once I figure it out, it'll clean other stuff + */ +function sort_clean_name($string) { + + /* First remove any / or \ chars */ + $string = preg_replace("/[\/\\\]/","-",$string); + + $string = str_replace(":"," ",$string); + + return $string; + +} // sort_clean_name + +/** + * sort_move_file + * All this function does is, move the friggin file and then update the database + * We can't use the rename() function of PHP because it's functionality depends on the + * current phase of the moon, the alignment of the planets and my current BAL + * Instead we cheeseball it and walk through the new dir structure and make + * sure that the directories exist, once the dirs exist then we do a copy + * and unlink.. This is a little unsafe, and as such it verifys the copy + * worked by doing a filesize() before unlinking. + */ +function sort_move_file($song,$fullname) { + + $old_dir = dirname($song->file); + + $info = pathinfo($fullname); + + $directory = $info['dirname']; + $file = $info['basename']; + $data = preg_split("/[\/\\\]/",$directory); + $path = ''; + + /* We not need the leading / */ + unset($data[0]); + + foreach ($data as $dir) { + + $path .= "/" . $dir; + + /* We need to check for the existance of this directory */ + if (!is_dir($path)) { + if ($GLOBALS['test_mode']) { + echo "\tMaking $path Directory\n"; + } + else { + if (conf('debug')) { log_event('commandline','mkdir',"Creating $path directory"); } + $results = mkdir($path); + if (!$results) { + echo "Error: Unable to create $path move failed\n"; + return false; + } + } // else we aren't in test mode + } // if it's not a dir + + } // foreach dir + + /* Now that we've got the correct directory structure let's try to copy it */ + if ($GLOBALS['test_mode']) { + echo "\tCopying $file to $directory\n"; + $sql = "UPDATE song SET file='" . sql_escape($fullname) . "' WHERE id='" . sql_escape($song->id) . "'"; + echo "\tSQL: $sql\n"; + } + else { + + /* Check for file existance */ + if (file_exists($fullname)) { + if (conf('debug')) { log_event('commandline','file exists','Error: $fullname already exists'); } + echo "Error: $fullname already exists\n"; + return false; + } + + $results = copy($song->file,$fullname); + if (conf('debug')) { log_event('commandline','copy','Copied ' . $song->file . ' to ' . $fullname); } + + + /* Look for the folder art and copy that as well */ + if (!conf('album_art_preferred_filename')) { + $folder_art = $directory . '/folder.jpg'; + $old_art = $old_dir . '/folder.jpg'; + } + else { + $folder_art = $directory . "/" . conf('album_art_preferred_filename'); + $old_art = $old_dir . "/" . conf('album_art_preferred_filename'); + } + + if (conf('debug')) { log_event('commandline','copy_art','Copied ' . $old_art . ' to ' . $folder_art); } + @copy($old_art,$folder_art); + + if (!$results) { echo "Error: Unable to copy file to $fullname\n"; return false; } + + /* Check the md5sums */ + $new_sum = filesize($fullname); + $old_sum = filesize($song->file); + + if ($new_sum != $old_sum OR !$new_sum) { + echo "Error: Size Inconsistency, not deleting " . $song->file . "\n"; + return false; + } // end if sum's don't match + + /* If we've made it this far it should be safe */ + $results = unlink($song->file); + if (!$results) { echo "Error: Unable to delete " . $song->file . "\n"; } + + /* Update the catalog */ + $sql = "UPDATE song SET file='" . sql_escape($fullname) . "' WHERE id='" . sql_escape($song->id) . "'"; + $db_results = mysql_query($sql, dbh()); + + } // end else + + return true; + +} // sort_move_file + +?> diff -urN ampache-3.3.2-alpha4/browse.php ampache-3.3.2-beta1/browse.php --- ampache-3.3.2-alpha4/browse.php 2005-12-27 01:33:03.000000000 -0800 +++ ampache-3.3.2-beta1/browse.php 2006-01-08 23:06:20.000000000 -0800 @@ -1,7 +1,7 @@ f_title @ $album played by $user->fullname]]> -rss_song_description = f_title @ $album played by $user->fullname]]> +# FIXME it's hardcoded in lib/rss.lib.php now +#rss_song_description = f_title @ $album played by $user->fullname]]> ###################################################### ####################### diff -urN ampache-3.3.2-alpha4/config/registration_agreement.php.dist ampache-3.3.2-beta1/config/registration_agreement.php.dist --- ampache-3.3.2-alpha4/config/registration_agreement.php.dist 1969-12-31 16:00:00.000000000 -0800 +++ ampache-3.3.2-beta1/config/registration_agreement.php.dist 2006-01-08 23:06:20.000000000 -0800 @@ -0,0 +1 @@ +**This is the plain TXT document that is put at the top of the User Registration page** diff -urN ampache-3.3.2-alpha4/docs/CHANGELOG ampache-3.3.2-beta1/docs/CHANGELOG --- ampache-3.3.2-alpha4/docs/CHANGELOG 2005-12-27 01:32:54.000000000 -0800 +++ ampache-3.3.2-beta1/docs/CHANGELOG 2006-01-08 23:06:12.000000000 -0800 @@ -3,6 +3,59 @@ -------------------------------------------------------------------------- -------------------------------------------------------------------------- + v.3.3.2-Beta1 01/08/2006 + - Fixed lack of Access List check on download + - Fixed Access List so that you can edit existing records + - Fixed counting error when using the /bin/catalog_update.php.inc + script + - Fixed some minor theme issues with the built in themes + - Fixed some RSS problems, and linked it on header (Thx pb1dft) + - Fixed bug where you couldn't delete admin users because of an + overzelous permission check + - Fixed Search Album art page so it correctly shows results + (Thx nhorlock) + - Fixed stylesheet so all old Themes work again (Thx Sigger) + - Added Normalize Tracks function to playlist which makes track + numbers contiguous + - Fixed ordering on Playlists under new code + - Added the Import From File action for playlists back. The link + was just missing + - Fixed SQL errors with Windows + Mysql5.x songs with empty + genres, are now given a Unknown genre value (Thx WarrenG) + - Rewrote entire Playlist class and document to use the new id + field in database, also added support for playlist tracks + that are based on search criteria. + - Fixed Album Art Search so that it doesn't include the artist + if there is more then one artist on the album + - Fixed Registration code so that it used existing functions and + added default to off config option for captcha because + its hard to detect compatibility + - Fixed some logic errors in Downsampling code + - Updated Registration code (Thx pb1dft) + - Updated GetId3() Library to v.1.7.5 + - Updated SQL file + - Fixed Install script so it throws errors and is now able to + if specified create the database user for you + - Added Popup Album Art (Thx Di-Fosfor) + - Fixed Typo in Amazon Search debug statement + - Added sort_files.php.inc to /bin + - Fixed Ratings designation mistake and added it to artist view + - Fixed location detection for contextual titles and browse + on the simple menu's (Thx SoundOfEmotion) + - Fixed a botched change to the database (No Data loss!) but I + still feel stupid (Blame Vollmer) + - Fixed a problem where .flac files wouldn't get recognized by + the regular expression that pulls in files from m3u's + (Thx nhorlock) + - Fixed a logic problem with the rating system where it would + show a star for the 0 value when it should always show + the 0 or don't play symbol + - Fixed drop-downs on sidebar not resizing with fontsize + (Thx SoundOfEmotion) + - Fixed wrap-around text by removing float:left; on #content + (Thx Sigger) + +-------------------------------------------------------------------------- v.3.3.2-Alpha4 12/27/2005 - Fixed Registration system sort of. It still needs massive improvement, but it works.. kinda (Thx SoundOfEmotion) diff -urN ampache-3.3.2-alpha4/download/index.php ampache-3.3.2-beta1/download/index.php --- ampache-3.3.2-alpha4/download/index.php 2005-12-27 01:32:56.000000000 -0800 +++ ampache-3.3.2-beta1/download/index.php 2006-01-08 23:06:13.000000000 -0800 @@ -1,7 +1,7 @@ check('50', $_SERVER['REMOTE_ADDR'])) { + if (conf('debug')) { + log_event($user->username,' access_denied ', "Download Access Denied, " . $_SERVER['REMOTE_ADDR'] . " does not have download level + } + access_denied(); + } +} // access_control is enabled if ($user->prefs['download']) { if ($_REQUEST['song_id']) { diff -urN ampache-3.3.2-alpha4/flag.php ampache-3.3.2-beta1/flag.php --- ampache-3.3.2-alpha4/flag.php 2005-12-27 01:33:03.000000000 -0800 +++ ampache-3.3.2-beta1/flag.php 2006-01-08 23:06:20.000000000 -0800 @@ -1,6 +1,9 @@ - - - - diff -urN ampache-3.3.2-alpha4/genre.php ampache-3.3.2-beta1/genre.php --- ampache-3.3.2-alpha4/genre.php 2005-12-27 01:33:03.000000000 -0800 +++ ampache-3.3.2-beta1/genre.php 2006-01-08 23:06:20.000000000 -0800 @@ -1,8 +1,7 @@ + prefs['play_type'] == 'local_play') { + ?> -
- prefs['play_type'] == 'local_play') { - show_local_control(); + echo "
"; - } else { - echo " "; - } - ?>
+ ' + diff -urN ampache-3.3.2-alpha4/install.php ampache-3.3.2-beta1/install.php --- ampache-3.3.2-alpha4/install.php 2005-12-27 01:33:03.000000000 -0800 +++ ampache-3.3.2-beta1/install.php 2006-01-08 23:06:20.000000000 -0800 @@ -1,7 +1,7 @@ fix_preferences(); - $temp_user = new User(0); + $temp_user = new User(-1); + $temp_user->username = '-1'; $temp_user->fix_preferences(); diff -urN ampache-3.3.2-alpha4/lib/artist.lib.php ampache-3.3.2-beta1/lib/artist.lib.php --- ampache-3.3.2-alpha4/lib/artist.lib.php 2005-12-27 01:32:56.000000000 -0800 +++ ampache-3.3.2-beta1/lib/artist.lib.php 2006-01-08 23:06:13.000000000 -0800 @@ -1,6 +1,9 @@ id = $access_id; - /* Get the information from the db */ - if ($info = $this->get_info()) { + /* Assign id for use in get_info() */ + $this->id = $access_id; - /* Assign Vars */ - $this->name = $info->name; - $this->start = $info->start; - $this->end = $info->end; - $this->level = $info->level; - } // if info + $info = $this->get_info(); + $this->name = $info->name; + $this->start = $info->start; + $this->end = $info->end; + $this->level = $info->level; - } // if access_id + return true; - } //constructor + } //Access /*! @function get_info @@ -65,7 +65,7 @@ function get_info() { /* Grab the basic information from the catalog and return it */ - $sql = "SELECT * FROM access_list WHERE id='$this->id'"; + $sql = "SELECT * FROM access_list WHERE id='" . sql_escape($this->id) . "'"; $db_results = mysql_query($sql, dbh()); $results = mysql_fetch_object($db_results); @@ -74,6 +74,23 @@ } //get_info + /** + * update + * This function takes a named array as a datasource and updates the current access list entry + */ + function update($data) { + + $start = ip2int($data['start']); + $end = ip2int($data['end']); + $level = sql_escape($data['level']); + + $sql = "UPDATE access_list SET start='$start', end='$end', level='$level' WHERE id='" . sql_escape($this->id) . "'"; + $db_results = mysql_query($sql, dbh()); + + return true; + + } // update + /*! @function create @discussion creates a new entry @@ -101,7 +118,7 @@ $access_id = $this->id; } - $sql = "DELETE FROM access_list WHERE id='$access_id'"; + $sql = "DELETE FROM access_list WHERE id='" . sql_escape($access_id) . "'"; $db_results = mysql_query($sql, dbh()); } // delete diff -urN ampache-3.3.2-alpha4/lib/class/album.class.php ampache-3.3.2-beta1/lib/class/album.class.php --- ampache-3.3.2-alpha4/lib/class/album.class.php 2005-12-27 01:32:55.000000000 -0800 +++ ampache-3.3.2-beta1/lib/class/album.class.php 2006-01-08 23:06:13.000000000 -0800 @@ -1,7 +1,8 @@ id) . "' $artist_sql ORDER BY track"; + $db_results = mysql_query($sql, dbh()); + + $results = array(); + + while ($r = mysql_fetch_assoc($db_results)) { + $results[] = $r['id']; + } + + return $results; + + } // get_song_ids /*! @function format_album @@ -395,9 +420,6 @@ $final_results = array(); $possible_keys = array("LargeImage","MediumImage","SmallImage"); - /* We're gonna need this object */ - $snoopy = new Snoopy(); - // Prevent the script from timing out set_time_limit(0); @@ -405,7 +427,10 @@ if (empty($coverurl)) { if (empty($keywords)) { - $keywords = $this->name . ' ' . $this->artist; + + $keywords = $this->name; + /* If this isn't a various album combine with artist name */ + if ($this->artist_count == '1') { $keywords .= ' ' . $this->artist; } } // Create the Search Object @@ -420,7 +445,7 @@ /* Log this if we're doin debug */ if (conf('debug')) { - log_event($GLOBALS['user']->username,'amazon-xml',"Searched using $search_term with " . conf('amazon_developer_key') . " as key " . count($final_results) . " results found"); + log_event($GLOBALS['user']->username,'amazon-xml',"Searched using $keywords with " . conf('amazon_developer_key') . " as key " . count($final_results) . " results found"); } } // if no cover @@ -452,7 +477,6 @@ continue; } -// $snoopy->fetch($results[$key]); $data['url'] = $result[$key]; $data['mime'] = $mime; @@ -465,29 +489,6 @@ } // find_art - /*! - @function get_song_ids - @discussion returns a list of song_ids on the album - get_songs returns a list of song objects - */ - // it seems get_songs really should call this, - // but I don't feel comfortable imposing that - RCR - function get_song_ids( $limit = 0 ) { - - $results = array(); - $sql = "SELECT id FROM song WHERE album='$this->id' ORDER BY track, title"; - - if ($limit) { $sql .= " LIMIT $limit"; } - - $db_results = mysql_query($sql, dbh()); - - while ($r = mysql_fetch_object($db_results)) { - $results[] = $r->id; - } - - return $results; - } // get_song_ids - } //end of album class ?> diff -urN ampache-3.3.2-alpha4/lib/class/artist.class.php ampache-3.3.2-beta1/lib/class/artist.class.php --- ampache-3.3.2-alpha4/lib/class/artist.class.php 2005-12-27 01:32:55.000000000 -0800 +++ ampache-3.3.2-beta1/lib/class/artist.class.php 2006-01-08 23:06:13.000000000 -0800 @@ -1,7 +1,7 @@ id'"; + $sql = "SELECT * FROM artist WHERE id='" . sql_escape($this->id) . "'"; $db_results = mysql_query($sql, dbh()); $results = mysql_fetch_object($db_results); @@ -112,6 +112,24 @@ } // get_songs + /** + * get_song_ids + * This gets an array of song ids that are assoicated with this artist. This is great for using + * with the show_songs function + */ + function get_song_ids() { + + $sql = "SELECT id FROM song WHERE artist='" . sql_escape($this->id) . "' ORDER BY album, track"; + $db_results = mysql_query($sql, dbh()); + + while ($r = mysql_fetch_assoc($db_results)) { + $results[] = $r['id']; + } + + return $results; + + } // get_song_ids + /*! @function get_random_songs @discussion gets a random number, and @@ -265,7 +283,6 @@ /* Set Vars */ $web_path = conf('web_path'); - $albums = $this->get_albums(); $this->format_artist(); $artist = $this; diff -urN ampache-3.3.2-alpha4/lib/class/catalog.class.php ampache-3.3.2-beta1/lib/class/catalog.class.php --- ampache-3.3.2-alpha4/lib/class/catalog.class.php 2005-12-27 01:32:55.000000000 -0800 +++ ampache-3.3.2-beta1/lib/class/catalog.class.php 2006-01-08 23:06:13.000000000 -0800 @@ -1,6 +1,9 @@ artist = $this->check_artist($artist); $new_song->f_artist = $artist; $new_song->genre = $this->check_genre($genre); - $new_song->f_genre = $genre; + $new_song->f_genre = $new_song->get_genre_name(); $new_song->album = $this->check_album($album,$new_song->year); $new_song->f_album = $album . " - " . $new_song->year; $new_song->title = $this->check_title($new_song->title,$new_song->file); @@ -1187,13 +1190,15 @@ $this->clean_stats(); $this->clean_playlists(); $this->clean_flagged(); - $this->clean_genres(); - + ;$this->clean_genres(); + /* Return dead files, so they can be listed */ echo "" . _("Catalog Clean Done") . " [" . count($dead_files) . "] " . _("files removed") . "
\n"; flush(); return $dead_files; + $this->count = 0; + } //clean_catalog /** @@ -1568,6 +1573,10 @@ echo "Update Finished. Checked $this->count. $total_updated songs updated.

"; + $this->count = 0; + + return true; + } //verify_catalog @@ -1665,7 +1674,13 @@ /* If not found create */ else { - $sql = "INSERT INTO artist (name, prefix) VALUES ('$artist', '$prefix')"; + $prefix_txt = 'NULL'; + + if ($prefix) { + $prefix_txt = "'$prefix'"; + } + + $sql = "INSERT INTO artist (name, prefix) VALUES ('$artist', $prefix_txt)"; $db_results = mysql_query($sql, dbh()); $artist_id = mysql_insert_id(dbh()); @@ -1741,8 +1756,13 @@ /* If not found create */ else { + $prefix_txt = 'NULL'; + + if ($prefix) { + $prefix_txt = "'$prefix'"; + } - $sql = "INSERT INTO album (name, prefix,year) VALUES ('$album', '$prefix','$album_year')"; + $sql = "INSERT INTO album (name, prefix,year) VALUES ('$album',$prefix_txt,'$album_year')"; $db_results = mysql_query($sql, dbh()); $album_id = mysql_insert_id(dbh()); @@ -1777,9 +1797,10 @@ @param $genre The name of the genre */ function check_genre($genre) { - - if (!$genre) { - return false; + + /* If a genre isn't specified force one */ + if (strlen(trim($genre)) < 1) { + $genre = "Unknown (Orphaned)"; } if ($this->genres[$genre]) { @@ -1983,7 +2004,7 @@ foreach ($results as $value) { // Remove extra whitespace $value = trim($value); - if (preg_match("/\.[A-Za-z0-9]{3}$/",$value)) { + if (preg_match("/\.[A-Za-z0-9]{3,4}$/",$value)) { $file[0] = str_replace("/","\\",$value); $file[1] = str_replace("\\","/",$value); /* Search for this filename, cause it's a audio file */ diff -urN ampache-3.3.2-alpha4/lib/class/error.class.php ampache-3.3.2-beta1/lib/class/error.class.php --- ampache-3.3.2-alpha4/lib/class/error.class.php 2005-12-27 01:32:55.000000000 -0800 +++ ampache-3.3.2-beta1/lib/class/error.class.php 2006-01-08 23:06:13.000000000 -0800 @@ -1,7 +1,7 @@ id = $playlist_id; + var $date; - // Get the information from the db - $this->refresh_object(); - } - - } + /* Generated Elements */ + var $items = array(); + /** + * Constructor + * This takes a playlist_id as an optional argument and gathers the information + * if not playlist_id is passed returns false (or if it isn't found + */ + function Playlist($playlist_id = 0) { - /*! - @function refresh_object - @discussion Reads playlist information from the db and updates the Playlist object with it - */ - function refresh_object() { - - $dbh = dbh(); - - if ($this->id) { - $sql = "SELECT name, user, type, date FROM playlist" . - " WHERE id = '$this->id'"; - $db_results = mysql_query($sql, $dbh); - - if ($r = mysql_fetch_object($db_results)) { - $this->name = $r->name; - $this->user = $r->user; - $this->type = $r->type; - $this->time = $r->date; - $this->items = array(); - - // Fetch playlist items - $sql = "SELECT song, track FROM playlist_data" . - " WHERE playlist = '$this->id'" . - " ORDER BY track"; - $db_results = mysql_query($sql, $dbh); - - while ($r = mysql_fetch_object($db_results)) { - $this->items[] = array("song_id" => $r->song, "track" => $r->track); - } - } + if (!$playlist_id) { return false; } + + $this->id = $playlist_id; + $info = $this->_get_info(); + $this->name = $info['name']; + $this->user = $info['user']; + $this->type = $info['type']; + $this->date = $info['date']; + + } // Playlist - return TRUE; - } + /** + * _get_info + * This is an internal (private) function that gathers the information for this object from the + * playlist_id that was passed in. + */ + function _get_info() { - return FALSE; + $sql = "SELECT * FROM playlist WHERE id='" . sql_escape($this->id) . "'"; + $db_results = mysql_query($sql, dbh()); - } + $results = mysql_fetch_assoc($db_results); + return $results; - /*! - @function create_playlist - @discussion Creates an empty playlist, given a name, user_id, and type. - */ - function create_playlist($name, $user, $type) { + } // _get_info - $dbh = dbh(); + /** + * get_track + * Takes a playlist_data.id and returns the current track value for said entry + */ + function get_track($id) { - if (isset($name) && isset($user) && isset($type) && $this->check_type($type)) { - $name = sql_escape($name); - $user = sql_escape($user); - $type = sql_escape($type); - - $sql = "INSERT INTO playlist (name, user, type)" . - " VALUES ('$name', '$user', '$type')"; - $db_results = mysql_query($sql, $dbh); - - if ($this->id = mysql_insert_id($dbh)) { - $this->refresh_object(); - return true; - } // end if it created correctly - - } // end if this is a valid playlist entry + $sql = "SELECT track FROM playlist_data WHERE id='" . sql_escape($id) . "'"; + $db_results = mysql_query($sql, dbh()); - if (conf('debug')) { - log_event($GLOBALS['user']->username,'playlist_create',"Failed to Create Playlist of $type Type named $name for $user"); - } + $result = mysql_fetch_assoc($db_results); - return false; + return $result['track']; - } // create_playlist + } // get_track + /** + * get_items + * This returns an array of playlist songs that are in this playlist. Because the same + * song can be on the same playlist twice they are key'd by the uid from playlist_data + */ + function get_items() { - /*! - @function delete - @discussion Deletes the playlist. - */ - function delete() { + $sql = "SELECT * FROM playlist_data WHERE playlist='" . sql_escape($this->id) . "' ORDER BY track"; + $db_results = mysql_query($sql, dbh()); - $dbh = dbh(); + while ($r = mysql_fetch_assoc($db_results)) { - if ($this->id) { - $sql = "DELETE FROM playlist_data" . - " WHERE playlist = '$this->id'"; - $db_results = mysql_query($sql, $dbh); + $key = $r['id']; + $results[$key] = $r; - $sql = "DELETE FROM playlist" . - " WHERE id = '$this->id'"; - $db_results = mysql_query($sql, $dbh); + } // end while - $sql = "DELETE FROM playlist_permission" . - " WHERE playlist = '$this->id'"; - $db_results = mysql_query($sql, $dbh); + return $results; - return true; - } // if we've got a valid playlist + } // get_items - return false; + /** + * get_songs + * This returns an array of song_ids accounting for any dyn_song entries this playlist + * may have. This is what should be called when trying to generate a m3u or other playlist + */ + function get_songs() { - } // delete + $sql = "SELECT * FROM playlist_data WHERE playlist='" . sql_escape($this->id) . "'"; + $db_results = mysql_query($sql, dbh()); + $results = array(); - /*! - @function update_track_numbers - @discussion Reads an array of song_ids and track numbers to update - */ - function update_track_numbers($changes) { - - $dbh = dbh(); - - if ($this->id && isset($changes) && is_array($changes)) { - foreach ($changes as $change) { - // Check for valid song_id - $sql = "SELECT count(*) FROM song WHERE id = '" . $change['song_id'] . "'"; - $db_results = mysql_query($sql, $dbh); - $r = mysql_fetch_row($db_results); - if ($r[0] == 1) { - $sql = "UPDATE playlist_data SET" . - " track = '" . $change['track'] . "'" . - " WHERE playlist = '$this->id'". - " AND song = '" . $change['song_id'] . "'"; - $db_results = mysql_query($sql, $dbh); - } + while ($r = mysql_fetch_assoc($db_results)) { + if ($r['dyn_song']) { + $array = $this->get_dyn_songs($r['dyn_song']); + $results = array_merge($array,$results); } + else { + $results[] = $r['song']; + } - // Refresh the playlist object - $this->refresh_object(); + } // end while - return TRUE; - } + return $results; + + } // get_songs - return FALSE; + /** + * get_random_songs + * This returns all of the songs in a random order, except those + * pulled from dyn_songs + */ + function get_random_songs() { - } + $sql = "SELECT * FROM playlist_data WHERE playlist='" . sql_escape($this->id) . "'" . + " ORDER BY RAND()"; + $db_results = mysql_query($sql, dbh()); + $results = array(); - /*! - @function add_songs - @discussion Reads an array of song_ids to add to the playlist - @param $song_ids the array of song_ids - @param $is_ordered boolean, if true insert in order submitted, not by track number - */ - function add_songs($song_ids, $is_ordered = false) { - - $dbh = dbh(); - - if ($this->id && isset($song_ids) && is_array($song_ids)) { - $count = 0; - foreach ($song_ids as $song_id) { - if( $is_ordered ) { - $track_num = $count++; - } else { - $track_num = $song->track; - } - $song = new Song($song_id); - if (isset($song->id)) { - $sql = "INSERT INTO playlist_data" . - " (playlist, song, track)" . - " VALUES ('$this->id', '$song->id', '$track_num')"; - $db_results = mysql_query($sql, $dbh); - } + while ($r = mysql_fetch_assoc($db_results)) { + if ($r['dyn_song']) { + $array = $this->get_dyn_songs($r['dyn_song']); + $results = array_merge($array,$results); + } + else { + $results[] = $r['song']; } + } // end while - // Refresh the playlist object - $this->refresh_object(); + return $results; - return TRUE; - } + } // get_random_songs - return FALSE; + /** + * get_dyn_songs + * This returns an array of song_ids for a single dynamic playlist entry + */ + function get_dyn_songs($dyn_string) { - } // add_songs + /* Ok honestly I know this is risky, so we have to be + * 100% sure that the user never got to touch this. This + * Query has to return id which must be a song.id + */ + $db_results = mysql_query($dyn_string, dbh()); + $results = array(); + while ($r = mysql_fetch_assoc($db_results)) { + $results[] = $r['id']; + } // end while - /*! - @function remove_songs - @discussion Reads an array of song_ids to remove from the playlist - */ - function remove_songs($song_ids) { - - $dbh = dbh(); - - if ($this->id && isset($song_ids) && is_array($song_ids)) { - foreach ($song_ids as $song_id) { - $sql = "DELETE FROM playlist_data" . - " WHERE song = '$song_id'" . - " AND playlist = '$this->id'"; - $db_results = mysql_query($sql, $dbh); - } + return $results; - // Refresh the playlist object - $this->refresh_object(); + } // get_dyn_songs - return TRUE; - } + /** + * get_song_count + * This simply returns a int of how many song elements exist in this playlist + * For now let's consider a dyn_song a single entry + */ + function get_song_count() { - return FALSE; + $sql = "SELECT COUNT(id) FROM playlist_data WHERE playlist='" . sql_escape($this->id) . "'"; + $db_results = mysql_query($sql, dbh()); - } + $results = mysql_fetch_row($db_results); + return $results['0']; - /*! - @function check_type - @discussion Checks for a valid playlist type - */ - function check_type($type) { + } // get_song_count - if (isset($type)) { - if ($type === 'public' || $type === 'private') { - return TRUE; - } - } + /** + * has_access + * This takes no arguments. It looks at the currently logged in user (_SESSION) + * This accounts for admin powers and the access on a per list basis + */ + function has_access() { - return FALSE; + if (!$GLOBALS['user']->has_access(25)) { return false; } - } + /* If they are a full admin, then they always get rights */ + if ($GLOBALS['user']->has_access(100)) { return true; } + if ($this->user == $GLOBALS['user']->username) { return true; } - /*! - @function update_type - @discussion Updates the playlist type - */ - function update_type($type) { + /* Check the Playlist_permission table */ + $sql = "SELECT id FROM playlist_permission WHERE " . + "playlist='" . sql_escape($this->id) . "' AND userid='" . sql_escape($GLOBALS['user']->username) . "'" . + " AND level >= '25'"; + $db_results = mysql_query($sql, dbh()); - $dbh = dbh(); + $results = mysql_fetch_row($db_results); - if ($this->id && isset($type) && $this->check_type($type)) { - $sql = "UPDATE playlist SET type = '$type'" . - " WHERE id = '$this->id'"; - $db_results = mysql_query($sql, $dbh); + if ($results) { return true; } - // Refresh the playlist object - $this->refresh_object(); + return false; - return TRUE; - } + } // has_access - return FALSE; + /** + * update_type + * This updates the playlist type, it calls the generic update_item function + */ + function update_type($new_type) { - } + if ($this->_update_item('type',$new_type,'100')) { + $this->type = $new_type; + } + } // update_type - /*! - @function update_name - @discussion Updates the playlist name - */ - function update_name($name) { + /** + * update_name + * This updates the playlist name, it calls the generic update_item function + */ + function update_name($new_name) { - $dbh = dbh(); + if ($this->_update_item('name',$new_name,'100')) { + $this->name = $new_name; + } - if ($this->id && isset($name)) { - $name = sql_escape($name); - $sql = "UPDATE playlist SET name = '$name'" . - " WHERE id = '$this->id'"; - $db_results = mysql_query($sql, $dbh); + } // update_name - // Refresh the playlist object - $this->refresh_object(); + /** + * _update_item + * This is the generic update function, it does the escaping and error checking + */ + function _update_item($field,$value,$level) { - return TRUE; + if ($GLOBALS['user']->username != $this->user AND !$GLOBALS['user']->has_access($level)) { + return false; } - return FALSE; + $value = sql_escape($value); - } + $sql = "UPDATE playlist SET $field='$value' WHERE id='" . sql_escape($this->id) . "'"; + $db_results = mysql_query($sql, dbh()); - /*! - @function normalize_tracks - @discussion this takes the crazy out of order tracks - and numbers them in a liner fashion, not allowing for - the same track # twice, this is an optional funcition - */ - function normalize_tracks() { + return $db_results; - /* First get all of the songs in order of their tracks */ - $sql = "SELECT id FROM playlist_data WHERE playlist='$this->id' ORDER BY track ASC"; - $db_results = mysql_query($sql, dbh()); + } // update_item - $i = 1; + /** + * update_track_numbers + + * This function takes an array of $array['song_id'] $array['track'] where song_id is really the + * playlist_data.id and updates them + */ + function update_track_numbers($data) { - while ($r = mysql_fetch_assoc($db_results)) { - $new_data = array(); - $new_data['id'] = $r['id']; - $new_data['track'] = $i; - $results[] = $new_data; - $i++; - } // end while results - - foreach($results as $data) { - $sql = "UPDATE playlist_data SET track='" . $data['track'] . "' WHERE" . - " id='" . $data['id'] . "'"; + foreach ($data as $change) { + + $track = sql_escape($change['track']); + $id = sql_escape($change['song_id']); + + $sql = "UPDATE playlist_data SET track='$track' WHERE id='$id'"; $db_results = mysql_query($sql, dbh()); - } // foreach re-ordered results - return true; + } // end foreach + + } // update_track_numbers + + /** + * add_songs + * This takes an array of song_ids and then adds it to the playlist + * if you want to add a dyn_song you need to use the one shot function + * add_dyn_song + */ + function add_songs($song_ids=array()) { + + foreach ($song_ids as $song_id) { + /* We need the songs track */ + $song = new Song($song_id); + + $track = sql_escape($song->track); + $id = sql_escape($song->id); + $pl_id = sql_escape($this->id); + + /* Don't insert dead songs */ + if ($id) { + $sql = "INSERT INTO playlist_data (`playlist`,`song`,`track`) " . + " VALUES ('$pl_id','$id','$track')"; + $db_results = mysql_query($sql, dbh()); + } // if valid id + + } // end foreach songs - } // normalize_tracks + } // add_songs + + /** + * add_dyn_song + * This adds a dynamic song to a specified playlist this is just called as the + * song its self is stored in the session to keep it away from evil users + */ + function add_dyn_song() { + $dyn_song = $_SESSION['userdata']['stored_search']; - /*! - @function get_songs - @discussion Returns an array of song_ids for the playlist - */ - function get_songs() { - - $song_ids = array(); - - if ($this->id && is_array($this->items)) { - foreach ($this->items as $item) { - $song_ids[] = $item['song_id']; - } - } + if (strlen($dyn_song) < 1) { echo "FAILED1"; return false; } - return $song_ids; + if (substr($dyn_song,0,6) != 'SELECT') { echo "$dyn_song"; return false; } - } // get_songs + /* Test the query before we put it in */ + $db_results = @mysql_query($dyn_song, dbh()); - /*! - @function get_random_songs - @discussion gets a random set of the songs in this - playlist - */ - function get_random_songs() { + if (!$db_results) { return false; } - $sql = "SELECT COUNT(song) FROM playlist_data WHERE playlist = '$this->id'"; + /* Ok now let's add it */ + $sql = "INSERT INTO playlist_data (`playlist`,`dyn_song`,`track`) " . + " VALUES ('" . sql_escape($this->id) . "','" . sql_escape($dyn_song) . "','0')"; $db_results = mysql_query($sql, dbh()); - $total_songs = mysql_fetch_row($db_results); - - // Fetch playlist items - $sql = "SELECT song, track FROM playlist_data" . - " WHERE playlist = '$this->id'" . - " ORDER BY RAND()"; + return true; + + } // add_dyn_song + + /** + * create + * This function creates an empty playlist, gives it a name and type + * Assumes $GLOBALS['user']->username as the user + */ + function create($name,$type) { + + $name = sql_escape($name); + $type = sql_escape($type); + $user = sql_escape($GLOBALS['user']->username); + $date = time(); + + $sql = "INSERT INTO playlist (`name`,`user`,`type`,`date`) " . + " VALUES ('$name','$user','$type','$date')"; + $db_results = mysql_query($sql, dbh()); + + $insert_id = mysql_insert_id(dbh()); + + return $insert_id; + + } //create_paylist + + /** + * set_items + * This calles the get_items function and sets it to $this->items which is an array in this object + */ + function set_items() { + + $this->items = $this->get_items(); + + } // set_items + + /** + * normalize_tracks + * this takes the crazy out of order tracks + * and numbers them in a liner fashion, not allowing for + * the same track # twice, this is an optional funcition + */ + function normalize_tracks() { + + /* First get all of the songs in order of their tracks */ + $sql = "SELECT id FROM playlist_data WHERE playlist='" . sql_escape($this->id) . "' ORDER BY track ASC"; $db_results = mysql_query($sql, dbh()); - while ($r = mysql_fetch_object($db_results)) { - $song_ids[] = $r->song; - } - return $song_ids; - } // get_random_songs + $i = 1; - /*! - @function show_import - @discussion shows the import from file template - */ - function show_import() { + while ($r = mysql_fetch_assoc($db_results)) { + $new_data = array(); + $new_data['id'] = $r['id']; + $new_data['track'] = $i; + $results[] = $new_data; + $i++; + } // end while results + + foreach($results as $data) { + $sql = "UPDATE playlist_data SET track='" . $data['track'] . "' WHERE" . + " id='" . $data['id'] . "'"; + $db_results = mysql_query($sql, dbh()); + } // foreach re-ordered results - require (conf('prefix') . "/templates/show_import_playlist.inc.php"); + return true; - } // show_import + } // normalize_tracks + + /** + * check_type + * This validates a type to make sure it's legit + */ + function check_type($type) { + + if ($type == 'public' || $type == 'private') { return true; } + + return false; + + } // check_type + + /** + * remove_songs + * This is the polar opposite of the add_songs function... with one little + * change. it works off of the playlist_data.id rather then song_id + */ + function remove_songs($data) { + + foreach ($data as $value) { + + $id = sql_escape($value); + + $sql = "DELETE FROM playlist_data WHERE id='$id'"; + $db_results = mysql_query($sql, dbh()); -} //end of playlist class + } // end foreach dead songs + + } // remove_songs + + /** + * delete + * This deletes the current playlist and all assoicated data + */ + function delete() { + + $id = sql_escape($this->id); + + $sql = "DELETE FROM playlist_data WHERE playlist = '$id'"; + $db_results = mysql_query($sql, dbh()); + + $sql = "DELETE FROM playlist WHERE id='$id'"; + $db_results = mysql_query($sql, dbh()); + + $sql = "DELETE FROM playlist_permission WHERE playlist='$id'"; + $db_results = mysql_query($sql, dbh()); + + return true; + + } // delete -?> +} // class Playlist diff -urN ampache-3.3.2-alpha4/lib/class/rating.class.php ampache-3.3.2-beta1/lib/class/rating.class.php --- ampache-3.3.2-alpha4/lib/class/rating.class.php 2005-12-27 01:32:55.000000000 -0800 +++ ampache-3.3.2-beta1/lib/class/rating.class.php 2006-01-08 23:06:13.000000000 -0800 @@ -1,7 +1,7 @@ id = $id; $this->type = $type; - if (intval($id) > 1) { $this->get_average(); } + else { + $this->rating='0'; + } } // Rating diff -urN ampache-3.3.2-alpha4/lib/class/song.class.php ampache-3.3.2-beta1/lib/class/song.class.php --- ampache-3.3.2-alpha4/lib/class/song.class.php 2005-12-27 01:32:55.000000000 -0800 +++ ampache-3.3.2-beta1/lib/class/song.class.php 2006-01-08 23:06:13.000000000 -0800 @@ -1,7 +1,7 @@ id'"; + "song LEFT JOIN flagged ON song.id = flagged.song WHERE song.id = '" . sql_escape($this->id) . "'"; $db_results = mysql_query($sql, dbh()); $results = mysql_fetch_object($db_results); diff -urN ampache-3.3.2-alpha4/lib/class/stream.class.php ampache-3.3.2-beta1/lib/class/stream.class.php --- ampache-3.3.2-alpha4/lib/class/stream.class.php 2005-12-27 01:32:55.000000000 -0800 +++ ampache-3.3.2-beta1/lib/class/stream.class.php 2006-01-08 23:06:13.000000000 -0800 @@ -1,7 +1,7 @@ '332004', 'description' => $update_string); + $update_string = "- Verify Previous Update, I dropped the ball and allowed a nightly to be built with an invalid Update function " . + "this update simply verifies that the previous database upgrade worked correctly and corrects it if it didn't. I appologize " . + "for the mistake and will do my best to make sure it never happens again. - Karl Vollmer
"; + + $version[] = array('version' => '332005','description' => $update_string); + + + $update_string = '- Adds Create Date to User table to track registration and user creation time.'; + + $version[] = array('version' => '332006','description' => $update_string); + + $update_string = '- Alters the Dynamic Song field to be TEXT instead of Varchar (varchar was not long enough).'; + + $version[] = array('version' => '332007','description' => $update_string); + return $version; } // populate_version @@ -1231,7 +1246,7 @@ */ function update_332004() { - $sql = "ALTER TABLE `playlist_data` ADD `id` INT( 11 ) UNSIGNED NOT NULL AUTO_INCREMENT FIRST"; + $sql = "ALTER TABLE `playlist_data` ADD `id` INT( 11 ) UNSIGNED NOT NULL AUTO_INCREMENT PRIMARY KEY FIRST"; $db_results = mysql_query($sql, dbh()); /* Create the ratings table */ @@ -1294,6 +1309,100 @@ $this->set_version('db_version','332004'); } // update_332004 + + /** + * update_332005 + * I tottaly messed up the 332004 update so I've gotta go back and verify what + * happened and didn't happen and then fix that which didn't happen + * Doublecheck the playlist_data entry + * Check the ratings table to make sure it's correct + */ + function update_332005() { + + /* Check Playlist_Data */ + $sql = "DESCRIBE playlist_data"; + $db_results = mysql_query($sql, dbh()); + + while ($r = mysql_fetch_assoc($db_results)) { + $key = $r['Field']; + $results[$key] = $r['Key']; + } + + /* If $results['id'] != PRI then we're screwed and we need to try again */ + if ($results['id'] != 'PRI') { + /* Try again!!!! */ + $sql = "ALTER TABLE `playlist_data` ADD `id` INT( 11 ) UNSIGNED NOT NULL AUTO_INCREMENT PRIMARY KEY FIRST"; + $db_results = mysql_query($sql, dbh()); + } + + /* Next verify the setup of the ratings table */ + $sql = "DESCRIBE ratings"; + $db_results = mysql_query($sql, dbh()); + + $results = array(); + + /* it fails horribly? */ + if (!$db_results) { + /* Try to create the table again */ + $sql = "CREATE TABLE `ratings` (`id` int(11) unsigned NOT NULL auto_increment," . + " `user` varchar(128) NOT NULL default ''," . + " `object_type` enum('artist','album','song') NOT NULL default 'artist'," . + " `object_id` int(11) unsigned NOT NULL default '0'," . + " `user_rating` enum('00','0','1','2','3','4','5') NOT NULL default '0'," . + " PRIMARY KEY (`id`))"; + $db_results = mysql_query($sql, dbh()); + } + else { + /* Go through the friggin results */ + while ($r = mysql_fetch_assoc($db_results)) { + $key = $r['Field']; + $results[$key] = $r['Type']; + } + if ($results['rating']) { + $sql = "ALTER TABLE `ratings` CHANGE `rating` `user_rating` ENUM( '00', '0', '1', '2', '3', '4', '5' ) NOT NULL DEFAULT '0'"; + $db_results = mysql_query($sql, dbh()); + } + + } // end else + + /* One more thing I pooched */ + $sql = "ALTER TABLE `playlist_data` CHANGE `song` `song` INT( 11 ) UNSIGNED NULL DEFAULT NULL"; + $db_results = mysql_query($sql, dbh()); + + $this->set_version('db_version','332005'); + + } // update_332005 + + /** + * update_332006 + * Hmm 2006 perfect for the new year.. anyway this just adds the create_date on the account + * so that you know when they were registered/created + */ + function update_332006() { + + $sql = "ALTER TABLE `user` ADD `create_date` INT ( 11 ) UNSIGNED NULL DEFAULT NULL"; + $db_results = mysql_query($sql, dbh()); + + $sql = "ALTER TABLE `user` ADD `validation` VARCHAR ( 128 )"; + $db_results = mysql_query($sql, dbh()); + + $this->set_version('db_version','332006'); + + } // update_332006 + + /** + * update_332007 + * Arg... I'm tried of writting these updates + * If I would only get it right the first time I wouldn't have to do this + */ + function update_332007() { + + $sql = "ALTER TABLE `playlist_data` CHANGE `dyn_song` `dyn_song` TEXT NULL DEFAULT NULL"; + $db_results = mysql_query($sql, dbh()); + + $this->set_version('db_version','332007'); + + } // update_332007 } // end update class ?> diff -urN ampache-3.3.2-alpha4/lib/class/user.class.php ampache-3.3.2-beta1/lib/class/user.class.php --- ampache-3.3.2-alpha4/lib/class/user.class.php 2005-12-27 01:32:55.000000000 -0800 +++ ampache-3.3.2-beta1/lib/class/user.class.php 2006-01-08 23:06:13.000000000 -0800 @@ -1,7 +1,7 @@ offset_limit = $info->offset_limit; $this->email = $info->email; $this->last_seen = $info->last_seen; + $this->create_date = $info->create_date; + $this->validation = $info->validation; $this->set_preferences(); // Make sure the Full name is always filled @@ -304,6 +308,23 @@ } // update_username + /** + * update_validation + * This is used by the registration mumbojumbo + * Use this function to update the validation key + * NOTE: crap this doesn't have update_item the humanity of it all + */ + function update_validation($new_validation) { + + $new_validation = sql_escape($new_validation); + $sql = "UPDATE user SET validation='$new_validation' WHERE username='$this->username'"; + $this->validation = $new_validation; + $db_results = mysql_query($sql, dbh()); + + return $db_results; + + } // update_validation + /*! @function update_fullname @discussion updates their fullname @@ -368,12 +389,12 @@ } elseif ($new_access == 'disabled') { - $new_access = sql_escape($new_access); $sql = "UPDATE user SET disabled='1' WHERE username='$this->username'"; $db_results = mysql_query($sql, dbh()); $sql = "DELETE FROM session WHERE username='" . sql_escape($this->username) . "'"; $db_results = mysql_query($sql, dbh()); - } else { + } + else { $new_access = sql_escape($new_access); $sql = "UPDATE user SET access='$new_access' WHERE username='$this->username'"; $db_results = mysql_query($sql, dbh()); @@ -466,21 +487,22 @@ } // update_stats - /*! - @function create - @discussion inserts a new user into ampache - */ + /** + * create + * inserts a new user into ampache + */ function create($username, $fullname, $email, $password, $access) { /* Lets clean up the fields... */ $username = sql_escape($username); $fullname = sql_escape($fullname); $email = sql_escape($email); - + /* Now Insert this new user */ - $sql = "INSERT INTO user (username, fullname, email, password, access) VALUES" . - " ('$username','$fullname','$email',PASSWORD('$password'),'$access')"; + $sql = "INSERT INTO user (username, fullname, email, password, access, create_date) VALUES" . + " ('$username','$fullname','$email',PASSWORD('$password'),'$access','" . time() ."')"; $db_results = mysql_query($sql, dbh()); + if (!$db_results) { return false; } /* Populates any missing preferences, in this case all of them */ @@ -488,7 +510,7 @@ return $username; - } // new + } // create /*! @function update_password @@ -568,7 +590,7 @@ */ if ($user_id != '-1') { $sql = "SELECT user_preference.preference,user_preference.value FROM user_preference,preferences " . - "WHERE user_preference.preference = preferences.id AND user_preference.user='-1' AND preferences.type='user'"; + "WHERE user_preference.preference = preferences.id AND user_preference.user='-1' AND preferences.type !='system'"; $db_results = mysql_query($sql, dbh()); while ($r = mysql_fetch_object($db_results)) { $zero_results[$r->preference] = $r->value; @@ -578,7 +600,7 @@ $sql = "SELECT * FROM preferences"; if ($user_id != '-1') { - $sql .= " WHERE type='user'"; + $sql .= " WHERE type !='system'"; } $db_results = mysql_query($sql, dbh()); @@ -701,7 +723,7 @@ admin */ if ($this->has_access(100)) { - $sql = "SELECT * FROM user WHERE (level='admin' OR level='100') AND username!='" . $this->username . "'"; + $sql = "SELECT username FROM user WHERE (access='admin' OR access='100') AND username !='" . sql_escape($this->username) . "'"; $db_results = mysql_query($sql, dbh()); if (!mysql_num_rows($db_results)) { return false; @@ -737,9 +759,42 @@ @description calcs difference between now and last_seen if less than delay, we consider them still online */ + function is_online( $delay = 1200 ) { return time() - $this->last_seen <= $delay; } + /*! + @function get_user_validation + @check if user exists before activation can be done. + */ + function get_user_validation($username,$validation) { + + $usename = sql_escape($username); + + $sql = "SELECT validation FROM user where username='$username'"; + $db_results = mysql_query($sql, dbh()); + + $row = mysql_fetch_assoc($db_results); + $val = $row['validation']; + + return $val; + + } // get_user_validation + + /*! + @function activate_user + @activates the user from public_registration + */ + function activate_user($username) { + + $username = sql_escape($username); + + $sql = "UPDATE user SET disabled='0' WHERE username='$username'"; + $db_results = mysql_query($sql, dbh()); + + } // activate_user + } //end class + ?> diff -urN ampache-3.3.2-alpha4/lib/class/view.class.php ampache-3.3.2-beta1/lib/class/view.class.php --- ampache-3.3.2-alpha4/lib/class/view.class.php 2005-12-27 01:32:55.000000000 -0800 +++ ampache-3.3.2-beta1/lib/class/view.class.php 2006-01-08 23:06:13.000000000 -0800 @@ -1,7 +1,7 @@ add_error('general',"Error: Unable to Create Database " . mysql_error()); return false; } @mysql_select_db($database, $dbh); } // if db can't be selected - + /* Check and see if we should create a user here */ + if ($_REQUEST['db_user'] == 'create_db_user') { + $db_user = scrub_in($_REQUEST['db_username']); + $db_pass = scrub_in($_REQUEST['db_password']); + $sql = "GRANT ALL PRIVILEGES ON " . sql_escape($database,$dbh) . ".* TO " . + "'" . sql_escape($db_user,$dbh) . "'@'" . sql_escape($hostname,$dbh) . "' IDENTIFIED BY '" . sql_escape($db_pass,$dbh) . "' WITH GRANT OPTION"; + + if (!$db_results = @mysql_query($sql, $dbh)) { + $GLOBALS['error']->add_error('general',"Error: Unable to Insert $db_user with permissions to $database on $hostname " . mysql_error()); + return false; + } + } // end if we are creating a user /* Attempt to insert database */ $query = fread(fopen("sql/ampache.sql", "r"), filesize("sql/ampache.sql")); @@ -154,9 +165,11 @@ */ // Connect to the DB if(!$dbh = @mysql_pconnect($hostname,$username,$password)) { + $GLOBALS['error']->add_error('general',"Database Connection Failed Check Hostname, Username and Password"); return false; } if (!$db_selected = @mysql_select_db($database, $dbh)) { + $GLOBALS['error']->add_error('general',"Database Selection Failure Check Existance of $database"); return false; } @@ -197,12 +210,12 @@ if (!$config_handle = @fopen("config/ampache.cfg.php",'w')) { $browser = new Browser(); $browser->downloadHeaders("ampache.cfg.php","text/plain",false,filesize("config/ampache.cfg.php.dist")); - echo $config_data; exit(); } if (!@fwrite($config_handle,$config_data)) { + $GLOBALS['error']->add_error('general',"Error: Unable to write Config File but file writeable?"); return false; } @@ -227,9 +240,10 @@ $sql = "INSERT INTO user (`username`,`password`,`offset_limit`,`access`) VALUES ('$username',PASSWORD('$password'),'50','admin')"; $db_results = mysql_query($sql, $dbh); - $insert_id = mysql_insert_id($dbh); - - if (!$insert_id) { return false; } + if (!$db_results) { + $GLOBALS['error']->add_error('general',"Insert of Base User Failed " . mysql_error()); + return false; + } return true; diff -urN ampache-3.3.2-alpha4/lib/log.lib.php ampache-3.3.2-beta1/lib/log.lib.php --- ampache-3.3.2-alpha4/lib/log.lib.php 2005-12-27 01:32:56.000000000 -0800 +++ ampache-3.3.2-beta1/lib/log.lib.php 2006-01-08 23:06:13.000000000 -0800 @@ -1,6 +1,9 @@ ) { - next if ($_ =~ /^#.*/); - - if ( $_ =~ /(.*?)\s+=\s+(.*)/ ) { - $config{$1} = $2; - } - } - - my $name = $config{'local_db'}; - - my $self = - { - _name => $config{'local_db'}, - _database => $config{'local_db'}, - _sth_cache => {}, - _connect => { - dbd => 'mysql', - host => $config{'local_host'}, - port => '3306', - username => $config{'local_username'}, - password => $config{'local_pass'} - }, - _dbh => '', - _path => $path, - _config => \%config, - _debug => $FALSE - }; - - $VERSION = $config{'VERSION'}; - - $Local::Ampache::ampache{$name} = bless ($self, $class); - - $self->{_dbh} = $self->dbh( $name ); - - return $self; - -} # End New Ampache Module - -sub DESTROY { - my ($self) = @_; - - foreach my $sth (values %{$self->{_sth_cache}}) { - if (defined($sth)) { $sth->finish(); } - } - - if (defined($self->{_dbh}) and $self->{_dbh} ne "") { - $self->{_dbh}->disconnect(); - } -} - -sub get -{ - my ($class, $name) = @_; - - if (not $Local::Ampache::ampache{$name}) { - $Local::Ampache::ampache{$name} = Local::Ampache->new($name); - } - return bless $Local::Ampache::ampache{$name}, $class; -} - -sub dbh -{ - my ($self, $database) = @_; - my $dbh = ''; - - if($self->{_dbh} ) - { - return $self->{_dbh}; - } - else - { - my $connect_string = [ sprintf("dbi:%s:database=%s;host=%s;port=%s", - $self->{_connect}{dbd}, - $self->{_database}, - $self->{_connect}{host}, - $self->{_connect}{port}), - $self->{_connect}{username}, - $self->{_connect}{password} ]; - $dbh = DBI->connect( @{$connect_string}, - {PrintError => 0, - RaiseError => 0, - AutoCommit => 1}); - - if ( !$dbh ) - { - die "Failed to connect to database. Exiting."; - } - } - - return $dbh; -} - -sub prepare_sth_cache { - my ($self, $sql) = @_; - - # the call to dbh() forces a connection if one has dropped - my $dbh = $self->dbh(); - return $dbh->prepare($sql); -} - -sub get_table_where -{ - my ($self, $name, $where,$select) = @_; - if (!$select) { $select = "*"; } - my ($sql, $sth); - my $dbh = $self->dbh(); - $sql = qq{SELECT $select FROM $name $where}; - $sth = $dbh->prepare($sql); - $sth->execute(); - - my @table = (); - while ( my $ary = $sth->fetchrow_hashref() ) - { - push(@table, $ary); - } - return (@table); -} - -sub get_catalog_option -{ - my ($self, $catalog, $field) = @_; - if(!$self->{_catalog}{$catalog}) { - print "Loading catalog settings\n"; - my ($sql, $sth); - $sql = qq{SELECT * FROM catalog WHERE path = '$catalog'}; - my $dbh = $self->dbh(); - $sth = $dbh->prepare($sql); - $sth->execute(); - $self->{_catalog}{$catalog} = $sth->fetchrow_hashref(); - } - return $self->{_catalog}->{$catalog}->{$field}; -} - -sub change_flags -{ - my ($self, $song, $oldflag, $newflag) = @_; - my ($sql, $sth); - my $dbh = $self->dbh(); - $sql = "UPDATE flagged SET type = '$newflag' WHERE song = '".$song->{'id'}."' AND type = '$oldflag'"; - $sth = $dbh->prepare($sql); - $sth->execute(); -} - - sub update_song -{ - my ($self, $filename, $song) = @_; - my ($sql, $sth); - my $dbh = $self->dbh(); - $filename =~ s/'/\\'/g; - $filename =~ s/"/\\"/g; - $filename =~ s/\Q%\E//g; - $sql = "UPDATE song SET file = '$filename' WHERE id = '".$song->{'id'}."'"; - $sth = $dbh->prepare($sql); - $sth->execute(); -} - -sub get_song_info -{ - my ($self, $song) = @_; - my ($sql, $sth); - my $dbh = $self->dbh(); - if ( not $self->{_sth_cache}{get_song_info}) - { - $self->{_sth_cache}{get_song_info} = $self->prepare_sth_cache( - qq{SELECT catalog.path AS catalog,song.file,song.id,song.title,song.track,song.year,song.comment,album.name AS album, artist.name AS artist,genre FROM song,album,artist,catalog WHERE song.id = ? AND album.id = song.album AND artist.id = song.artist AND song.catalog = catalog.id}); - - } - $sth = $self->{_sth_cache}{get_song_info}; - $sth->execute($song); - - my @table = (); - while ( my $ary = $sth->fetchrow_hashref() ) - { - push(@table, $ary); - } - return (@table); -} - -#sub get_song_info -#{ -# my ($self, $song) = @_; -# -# my ($sql, $sth); -# my $dbh = $self->dbh(); -# if ( not $self->{_sth_cache}{song_info}{$song} ) -# { -# $sql = qq{SELECT * FROM song WHERE id = $song}; -# $sth = $dbh->prepare($sql); -# $self->{_sth_cache}{song_info}{$song} = $sth; -# } -# -# $sth = $self->{_sth_cache}{song_info}{$song}; -# $sth->execute(); -# -# my @song_info = $sth->fetchrow_hashref(); -# return (@song_info); -#} - - -1; -__END__ diff -urN ampache-3.3.2-alpha4/lib/perl/Local/Ampache/Makefile.PL ampache-3.3.2-beta1/lib/perl/Local/Ampache/Makefile.PL --- ampache-3.3.2-alpha4/lib/perl/Local/Ampache/Makefile.PL 2005-12-27 01:32:55.000000000 -0800 +++ ampache-3.3.2-beta1/lib/perl/Local/Ampache/Makefile.PL 1969-12-31 16:00:00.000000000 -0800 @@ -1,7 +0,0 @@ -use ExtUtils::MakeMaker; -# See lib/ExtUtils/MakeMaker.pm for details of how to influence -# the contents of the Makefile that is written. -WriteMakefile( - 'NAME' => 'Local::Ampache', - 'VERSION_FROM' => 'Ampache.pm', # finds $VERSION -); diff -urN ampache-3.3.2-alpha4/lib/playlist.lib.php ampache-3.3.2-beta1/lib/playlist.lib.php --- ampache-3.3.2-alpha4/lib/playlist.lib.php 1969-12-31 16:00:00.000000000 -0800 +++ ampache-3.3.2-beta1/lib/playlist.lib.php 2006-01-08 23:06:13.000000000 -0800 @@ -0,0 +1,124 @@ +has_access(100)) { + $playlists = get_playlists('adminprivate'); + $type = 'Admin'; + require (conf('prefix') . '/templates/show_playlists.inc.php'); + } + + /* Always Show Public */ + $playlists = get_playlists('public'); + $type = 'Public'; + require (conf('prefix') . '/templates/show_playlists.inc.php'); + +} // show_playlists + +/** + * show_playlist + * This function takes a playlist object and calls show_songs after + * runing get_items() + */ +function show_playlist($playlist) { + + /* Create the Playlist */ + $song_ids = $playlist->get_items(); + + show_playlist_menu(); + + if (count($song_ids) > 0) { + show_songs($song_ids, $playlist); + } + else { + echo "
" . _("No songs in this playlist.") . "
\n"; + } + +} // show_playlist + +/** + * show_playlist_menu + * This shows a little pretty box that contains the playlist 'functions' + */ +function show_playlist_menu() { + + require (conf('prefix') . '/templates/show_playlist_box.inc.php'); + +} // show_playlist_menu + +/** + * get_playlists + * This function takes private,adminprivate or public and returns an array of playlist objects + * that match, it checks permission + */ +function get_playlists($type) { + + switch ($type) { + case 'private': + $sql = "SELECT id FROM playlist WHERE user='" . sql_escape($GLOBALS['user']->username) . "'" . + " AND type='private'"; + break; + case 'adminprivate': + if (!$GLOBALS['user']->has_access(100)) { return false; } + $sql = "SELECT id FROM playlist WHERE user!='" . sql_escape($GLOBALS['user']->username) . "'" . + " AND type='private'"; + break; + default: + case 'public': + $sql = "SELECT id FROM playlist WHERE type='public'"; + break; + } // end switch + + $db_results = mysql_query($sql, dbh()); + + $results = array(); + + while ($r = mysql_fetch_assoc($db_results)) { + $playlist = new Playlist($r['id']); + $results[] = $playlist; + } + + return $results; + +} // get_playlists + +?> diff -urN ampache-3.3.2-alpha4/lib/preferences.php ampache-3.3.2-beta1/lib/preferences.php --- ampache-3.3.2-alpha4/lib/preferences.php 2005-12-27 01:32:56.000000000 -0800 +++ ampache-3.3.2-beta1/lib/preferences.php 2006-01-08 23:06:13.000000000 -0800 @@ -1,7 +1,7 @@ "; + $rss_song_description = $rss_description; + echo ""; echo "\n$rss_main_title\n"; echo "$web_path\n$rss_main_description\n"; echo "$rss_main_copyright"; @@ -48,17 +50,17 @@ while ($r = mysql_fetch_object($db_result)) { $song = new Song($r->song_id); $song->format_song(); - $user = get_user_byid($r->user_id); + if (is_object($song)) { $artist = $song->f_artist; $album = $song->get_album_name(); - $text = "$artist - $song->f_title"; - echo " "; - echo " <![CDATA[$text]]> "; - echo " $web_path/albums.php?action=show&album=$song->album"; - echo " $rss_song_description"; - echo " $today"; - echo ""; + $text = "$artist - $song->f_title played by $r->user"; + echo " \n"; + echo " <![CDATA[$text]]> \n"; + echo " $web_path/albums.php?action=show&album=$song->album\n"; + echo " f_title @ $album is played by $r->user]]>\n"; + echo " $today\n"; + echo "\n"; } } diff -urN ampache-3.3.2-alpha4/lib/search.php ampache-3.3.2-beta1/lib/search.php --- ampache-3.3.2-alpha4/lib/search.php 2005-12-27 01:32:56.000000000 -0800 +++ ampache-3.3.2-beta1/lib/search.php 2006-01-08 23:06:13.000000000 -0800 @@ -1,7 +1,7 @@ diff -urN ampache-3.3.2-alpha4/lib/stream.lib.php ampache-3.3.2-beta1/lib/stream.lib.php --- ampache-3.3.2-alpha4/lib/stream.lib.php 2005-12-27 01:32:56.000000000 -0800 +++ ampache-3.3.2-beta1/lib/stream.lib.php 2006-01-08 23:06:13.000000000 -0800 @@ -1,7 +1,7 @@ $song->bitrate) { $sample_rate = $song->bitrate/1000; $sample_ratio = '1'; } - - /* Validate the bitrate */ - $sample_rate = validate_bitrate($sample_rate); - - /* Set the Sample Ratio */ - $sample_ratio = $sample_rate/($song->bitrate/1000); + else { + /* Set the Sample Ratio */ + $sample_ratio = $sample_rate/($song->bitrate/1000); + } header("Content-Length: " . $sample_ratio*$song->size); $browser->downloadHeaders($song_name, $song->mime, false,$sample_ratio*$song->size); @@ -234,10 +234,12 @@ $eofss = floor($song->time-$eofmm*60); $eof = sprintf("%02d.%02d",$eofmm,$eofss); + $song_file = escapeshellarg($song->file); + /* Replace Variables */ $downsample_command = conf($song->stream_cmd()); - $downsample_command = str_replace("%FILE%",$song->file,$downsample_command); + $downsample_command = str_replace("%FILE%",$song_file,$downsample_command); $downsample_command = str_replace("%OFFSET%",$offset,$downsample_command); $downsample_command = str_replace("%EOF%",$eof,$downsample_command); $downsample_command = str_replace("%SAMPLE%",$sample_rate,$downsample_command); diff -urN ampache-3.3.2-alpha4/lib/themes.php ampache-3.3.2-beta1/lib/themes.php --- ampache-3.3.2-alpha4/lib/themes.php 2005-12-27 01:32:56.000000000 -0800 +++ ampache-3.3.2-beta1/lib/themes.php 2006-01-08 23:06:13.000000000 -0800 @@ -1,7 +1,7 @@ " . _("Playlist Actions") . ": " . _("New") ." | "; - echo " " . _("View All") . " | "; - echo " " . _("Import") . ""; - echo "

"; - -} // show_playlist_menu - -/** * show_admin_menu * shows the admin menu */ @@ -442,25 +429,6 @@ } // show_edit_profile /** - * show_playlist - * this shows the current playlist - */ -function show_playlist($playlist_id) { - - /* Create the Playlist */ - $playlist = new Playlist($playlist_id); - $song_ids = $playlist->get_songs(); - - if (count($song_ids) > 0) { - show_songs($song_ids, $playlist->id); - } - else { - echo "

" . _("No songs in this playlist.") . "

\n"; - } - -} // show_playlist - -/** * show_play_selected * this shows the playselected/add to playlist * box, which includes a little javascript @@ -986,7 +954,8 @@ } /* Sanatize the $_SERVER['PHP_SELF'] variable */ - $location['page'] = preg_replace("/^\/(.+\.php)\/?.*/","$1",$source); + $source = str_replace(conf('raw_web_path'),"",$source); + $location['page'] = preg_replace("/^\/(.+\.php)\/?.*/","$1",$source); switch ($location['page']) { case 'index.php': @@ -1103,59 +1072,6 @@ } // show_genre_pulldown -function username_exists($check_user){ - - $check_user = sql_escape($check_user); - - $sql = "SELECT * FROM user WHERE username='$check_user'"; - $db_results = mysql_query($sql, dbh()); - - if ($r = mysql_fetch_assoc($db_results)) { - return true; - } - else { - return false; - } -} // username_exists - -/** - * new_user - * FIXME: This needs to be done right... I don't know how right is - * but my guess is this isn't it, so anyway this just creates a new user - * this should really use the built in functions rather than creating - * a new one - */ -function new_user($username, $fullname, $email, $password) { - - /* First lets clean up the fields... */ - $username = sql_escape($username); - $fullname = sql_escape($fullname); - $email = sql_escape($email); - $access = '5'; - if(conf('auto_user')){ - $access='25'; - } - - /* Check to see if the user exists... */ - //FIXME: Use the error class - if(username_exists($username)){ - return false; - } - - /* Uhh let's not auto-pass through in this fashion FIXME */ - else { - /* Apparently it's a new user, now insert the user into the database*/ - $sql = "INSERT INTO user (username, fullname, email, password, access) VALUES" . - " ('$username','$fullname','$email',PASSWORD('$password'),'$access')"; - $db_results = mysql_query($sql, dbh()); - show_template('style'); - show_confirmation('Registration Complete','You have registered succesfully','/login.php'); - } - - return true; - -} // new_user - /** * good_email * Don't get me started... I'm sure the indenting is still wrong on this @@ -1191,6 +1107,89 @@ return true; } //good_email +/** + * str_rand + * + * + */ +function str_rand($length = 8, $seeds = 'abcdefghijklmnopqrstuvwxyz0123456789'){ + $str = ''; + $seeds_count = strlen($seeds); + + // Seed + list($usec, $sec) = explode(' ', microtime()); + $seed = (float) $sec + ((float) $usec * 100000); + mt_srand($seed); + + // Generate + for ($i = 0; $length > $i; $i++) { + $str .= $seeds{mt_rand(0, $seeds_count - 1)}; + } + + return $str; +} //str_rand + +/** + * send_confirmation + * + * + */ +function send_confirmation($username, $fullname, $email, $password, $validation) { + +$title = conf('site_title'); +$from = "From: Ampache <".conf('mail_from').">"; +$body = "Welcome to $title + +Please keep this email for your records. Your account information is as follows: + +---------------------------- +Username: $username +Password: $password +---------------------------- + +Your account is currently inactive. You cannot use it until you visit the following link: +" +. conf('web_path'). "/activate.php?mode=activate&u=$username&act_key=$validation + +Please do not forget your password as it has been encrypted in our database and we cannot retrieve it for you. However, should you forget your password you can request a new one which will be activated in the same way as this account. + +Thank you for registering."; + + +mail($email, "Welcome to $title" , $body, $from); + +} //send_confirmation + +/** + * show_registration_agreement + * This function reads in /config/registration_agreement.php + * Plaintext Only + */ +function show_registration_agreement() { + + $filename = conf('prefix') . '/config/registration_agreement.php'; + + /* Check for existance */ + $fp = fopen($filename,'r'); + + if (!$fp) { return false; } + + $data = fread($fp,filesize($filename)); + + /* Scrub and show */ + echo scrub_out($data); + +} // show_registration_agreement + + +/** + * show_playlist_import + * This shows the playlist import templates + */ +function show_playlist_import() { + + require (conf('prefix') . '/templates/show_import_playlist.inc.php'); +} // show_playlist_import ?> diff -urN ampache-3.3.2-alpha4/lib/upload.php ampache-3.3.2-beta1/lib/upload.php --- ampache-3.3.2-alpha4/lib/upload.php 2005-12-27 01:32:56.000000000 -0800 +++ ampache-3.3.2-beta1/lib/upload.php 2006-01-08 23:06:13.000000000 -0800 @@ -1,5 +1,8 @@ \n" "Language-Team: LANGUAGE \n" @@ -20,127 +20,201 @@ msgid "Session Expired: please log in again at" msgstr "" -#: ../../lib/preferences.php:211 ../../templates/show_users.inc:97 -msgid "Enable" +#: ../../lib/class/catalog.class.php:281 ../../lib/class/catalog.class.php:566 +#: ../../lib/class/album.class.php:263 +msgid "Error: Unable to open" msgstr "" -#: ../../lib/preferences.php:212 ../../templates/show_users.inc:100 -msgid "Disable" +#: ../../lib/class/catalog.class.php:304 +msgid "Error: Unable to change to directory" msgstr "" -#: ../../lib/preferences.php:224 ../../templates/add_catalog.inc:60 -msgid "Local" +#: ../../lib/class/catalog.class.php:330 +msgid "Error: Unable to get filesize for" msgstr "" -#: ../../lib/preferences.php:227 -msgid "Stream" +#: ../../lib/class/catalog.class.php:365 +msgid "Added" msgstr "" -#: ../../lib/preferences.php:230 -msgid "IceCast" +#: ../../lib/class/catalog.class.php:377 +msgid "is not readable by ampache" msgstr "" -#: ../../lib/preferences.php:233 -msgid "Downsample" +#: ../../lib/class/catalog.class.php:441 +msgid "Found in ID3" msgstr "" -#: ../../lib/preferences.php:236 -msgid "Music Player Daemon" +#: ../../lib/class/catalog.class.php:445 +msgid "Found on Amazon" msgstr "" -#: ../../lib/preferences.php:239 -msgid "SlimServer" +#: ../../lib/class/catalog.class.php:449 +msgid "Found in Folder" msgstr "" -#: ../../lib/preferences.php:248 -msgid "M3U" +#: ../../lib/class/catalog.class.php:453 +msgid "Found" msgstr "" -#: ../../lib/preferences.php:249 -msgid "Simple M3U" +#: ../../lib/class/catalog.class.php:456 +msgid "Not Found" msgstr "" -#: ../../lib/preferences.php:250 -msgid "PLS" +#: ../../lib/class/catalog.class.php:464 +msgid "Searched" msgstr "" -#: ../../lib/preferences.php:251 -msgid "Asx" +#: ../../lib/class/catalog.class.php:622 +msgid "Starting Dump Album Art" msgstr "" -#: ../../lib/preferences.php:258 -msgid "English" +#: ../../lib/class/catalog.class.php:642 +msgid "Written" msgstr "" -#: ../../lib/preferences.php:259 -msgid "British English" +#: ../../lib/class/catalog.class.php:651 +msgid "Error unable to open file for writting" msgstr "" -#: ../../lib/preferences.php:260 -msgid "German" +#: ../../lib/class/catalog.class.php:658 +msgid "Album Art Dump Complete" msgstr "" -#: ../../lib/preferences.php:261 -msgid "French" +#: ../../lib/class/catalog.class.php:659 ../../artists.php:64 +#: ../../albums.php:153 +msgid "Return" msgstr "" -#: ../../lib/preferences.php:262 -msgid "Turkish" +#: ../../lib/class/catalog.class.php:728 +msgid "Starting Catalog Build" msgstr "" -#: ../../lib/preferences.php:263 -msgid "Spanish" +#: ../../lib/class/catalog.class.php:733 +msgid "Running Remote Sync" msgstr "" -#: ../../lib/preferences.php:264 -msgid "Dutch" +#: ../../lib/class/catalog.class.php:745 ../../lib/class/catalog.class.php:904 +msgid "Added Playlist From" msgstr "" -#: ../../lib/preferences.php:265 -msgid "Simplified Chinese" +#: ../../lib/class/catalog.class.php:752 ../../lib/class/catalog.class.php:913 +#: ../../admin/catalog.php:258 +msgid "Starting Album Art Search" msgstr "" -#: ../../lib/duplicates.php:80 -msgid "Find Duplicates" +#: ../../lib/class/catalog.class.php:762 +msgid "Catalog Finished" msgstr "" -#: ../../lib/duplicates.php:83 -msgid "Search Type" +#: ../../lib/class/catalog.class.php:762 ../../lib/class/catalog.class.php:932 +msgid "Total Time" msgstr "" -#: ../../lib/duplicates.php:91 ../../lib/class/song.class.php:275 -#: ../../templates/show_search.inc:48 -msgid "Title" +#: ../../lib/class/catalog.class.php:762 ../../lib/class/catalog.class.php:933 +msgid "Total Songs" msgstr "" -#: ../../lib/duplicates.php:97 -msgid "Artist and Title" +#: ../../lib/class/catalog.class.php:763 ../../lib/class/catalog.class.php:933 +msgid "Songs Per Seconds" msgstr "" -#: ../../lib/duplicates.php:102 -msgid "Artist, Album and Title" +#: ../../lib/class/catalog.class.php:797 +#: ../../lib/class/catalog.class.php:1512 +msgid "Updated" msgstr "" -#: ../../lib/duplicates.php:110 ../../templates/menu.inc:39 -#: ../../templates/show_search.inc:153 ../../templates/show_search_bar.inc:50 -msgid "Search" +#: ../../lib/class/catalog.class.php:804 +msgid "No Update Needed" msgstr "" -#: ../../lib/general.lib.php:640 -msgid "Not Enough Data" +#: ../../lib/class/catalog.class.php:885 +msgid "Starting New Song Search on" msgstr "" -#: ../../lib/class/genre.class.php:278 -msgid "Show Genres starting with" +#: ../../lib/class/catalog.class.php:885 +msgid "catalog" msgstr "" -#: ../../lib/class/album.class.php:126 -msgid "Various" +#: ../../lib/class/catalog.class.php:889 +msgid "Running Remote Update" msgstr "" -#: ../../lib/